Thursday, December 30, 2010

Geimini, Android Trojan From China Attacks Android Devices.

#Geimini, #Android #Trojan
A Trojan called "Geinimi" has been discovered in the wild affecting Android devices according to mobile security company Lookout. The Trojan collects a lot of information from the device such as personal information, installed apps and other information to remote servers and exhibits botnet-like behavior (capable of being controlled by super droid somewhere), the security company report says.
Geinimi has been recognized as being originated in China, and is being distributed inside applications and games downloadable in third-party Chinese Android app stores. The Geimini trojan has successfully grafted in to legitimate apps, mostly games. Once the application is launched on the user's smartphone, the trojan collects location data, as well as the device's IMEI and IMSI numbers, and a list of all the apps the user has installed on his device. It then attempts to contact a remote server every five minutes, using one of ten embedded domain names. A subset of the domain names includes,,, and If it connects, Geinimi transmits collected device information to the remote server.

Monkey Jump 2, Sex Positions, President vs. Aliens, City Defense and Baseball Superstars 2010 on Chinese App Markets seems to be infected while the same originals apps on the Google Android Marked are not infected.
Lookout has posted following guidelines, to keep your phone safe;

  • Only download applications from trusted sources, such as reputable application markets. Remember to look at the developer name, reviews, and star ratings.
  • Always check the permissions an app requests. Use common sense to ensure that the permissions an app requests match the features the app provides.
  • Be aware that unusual behavior on your phone could be a sign that your phone is infected. Unusual behaviors include: unknown applications being installed without your knowledge, SMS messages being automatically sent to unknown recipients, or phone calls automatically being placed without you initiating them.
  • Download a mobile security app for your phone that scans every app you download. Lookout users automatically receive protection against this Trojan.


Blog Widget by LinkWithin