'Most Sophisticated' Android Trojan Surfaces in China

[err0r]

Geinimi, a highly sophisticated Trojan, has been detected in Android devices in China.

 

However, it appears to be more of a sign of things to come rather than a serious threat to U.S. Android users.

 

Dubbed Geinimi (a scrambulation of Gemini) by Lookout Mobile Security, a startup based in San Francisco, the botnet-like Trojan sends location information, device identity and even stored contacts to an unknown server.

 

According to Lookout co-founder Kevin MaHaffe, the most significant feature of Geinimi is its sophisticated command-and-control mechanism.

 

"A server can tell the Trojan what it can do, which makes it more advanced than other Android malware we've seen," he said. "

 

The mobile Trojan has been found in apps infected and repackaged to look like legitimate apps, and uploaded onto Chinese third-party app stores. Infections have been found in games like "Monkey Jump 2," "Sex Positions," "President vs. Aliens," "City Defense," and "Baseball Superstars 2010."

 

GetJar and Android Marketplace have not reported any cases yet.

 

One quick and dirty method for detecting mobile Trojans, MaHaffe says, is to learn an app's permissions and compare them to what the downloaded app is actually asking for. For instance, if the app's description only lists requests for age and gender, a red flag should go up if your downloaded app suddenly asks for your home address, too.

 

Although the Geimini Trojan has yet to land in the U.S., MaHaffe warns smartphone users not to get lazy about protecting their phones as mobile malware becomes increasingly sophisticated.

 

"Attackers are still figuring it out on the mobile landscape," he said. "There's a lot of sophistication for PC malware, but smartphone users need to start protecting their phones as they do their computers."

 

For starters, MaHaffe advises people to use the same level of discernment towards smartphone downloads as they would with PC downloads.

 

"People probably wouldn't download software from nefarious Web sites," he said. "Same thing with mobile apps be careful where you download mobile apps from. Look at developer ratings, user reviews of the app."

 

Source: Sara Yin