Android Geinimi trojan infecting phones through side-loaded apps

Dec 30, 2010
1

A virus affecting third-party Android app stores has been spotted, with the potential to strip handset and SIM identifier data and send it, as well as location information, to the trojan's authors. Dubbed Geinimi, the malware is currently infecting various Chinese third-party app stores; according to Lookout, as well as stealing personal information, the trojan could leave an Android phone open to remote access and control by a hacker.

At present, Geinimi has been observed stripping the handset's IMEI and SIM's IMSI and sending them to a remote server, along with location information. It's also capable of initiating the download of an app, though user acknowledgement is still required in order to install it. Software in the official Android Market is clean; only those side-loading apps onto their devices are currently at risk, though Lookout does say that this new trojan raises the bar for the complexity of Android malware.

[via Android Community]


Must Read Bits & Bytes