Now a days Smartphone plays important role in everyday life and the next generation computing will be on Mobile phone. So it’s quite expected that the hackers will potentially target Mobile Phones. The big Mobile Security Company Lookout warns a Trojan called Geinimi hitting on Android Smartphones in China. According to Lookout “Geinimi is the most sophisticated Android malware to date” but fortunately it’s not widely spread. It’s only affected in China for those Who install apps from Unknown sources (some Chinese Apps Store) rather than Android Market. These legitimate apps, including Monkey Jump 2, Sex Positions, President vs. Aliens, City Defense and Baseball Superstars 2010 etc. request access to far more of the user’s data than they normally would (users have to approve these requests before installing an app), which can tip users off that something is amiss.
How Geinimi works on your Phone:
When a host application containing Geinimi is installed on the phone, the malware runs in the background and connect to a remote server using one of ten embedded domain names. A subset of the domain names includes www.widifu.com, www.udaore.com, www.frijd.com, www.islpast.com and www.piajesj.com. If it connects, Geinimi transmits collected device information to the remote server. Look at The list below for Geinimi capabilities.
- Send location coordinates (fine location)
- Send device identifiers (IMEI and IMSI)
- Download and prompt the user to install an app
- Prompt the user to uninstall an app
- Enumerate and send a list of installed apps to the server
How to stay Safe from Geinimi Android Malware:
- Only download applications from trusted sources. Remember to look at the developer name, reviews, and star ratings.
- Always check the permissions an app requests.
- Be aware that unusual behavior on your phone could be a sign that your phone is infected. Unusual behaviors include: unknown applications being installed without your knowledge, SMS messages being automatically sent to unknown recipients, or phone calls automatically being placed without you initiating them.
- Download a mobile security app for your phone that scans every app you download. Lookout users automatically receive protection against this Trojan.
Finally a little a thought: Lookout is a Mobile Security Company and they provide Lookout applications for Android, Windows Mobile and BlackBerry, so they might gonna have some benefit for these type of exploits. But it is always safe to be aware. source.