Geinimi, a sophisticated new Android Trojan, has emerged from China. Once installed, this Trojan compromises a significant amount of data on an Android phone and sends it to remote servers.
Geinimi has been one of the most advanced pieces of Android malware in the wild, and it has botnet-like capabilities. Once Geinimi is installed on a user’s phone, it has the potential to receive commands from a remote server, allowing the owner of that server to control the Android phone.

Geinimi is distributed via repackaged versions of legitimate applications offered in third-party Chinese Android app markets. The affected applications request extensive permissions over and above the set requested by their legitimate original versions. A few of the applications from “Unknown Sources” that have been identified as containing Geinimi include Monkey Jump 2, Sex Positions, President vs. Aliens, City Defense and Baseball Superstars 2010. Even though there are instances of these games repackaged with the Trojan, the original versions available in the official Google Android Market have not been affected.

So far, security experts have found the following capabilities in Geinimi:

  • Send location coordinates of the phone.
  • Send device identifiers (IMEI and IMSI).
  • Download and prompt the user to install or uninstall an app.
  • Compile and send a list of installed apps to the server.
  • Receive commands from the remote server.
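
The extra-permission signal described above can be checked by diffing the decoded manifest of a store copy against a third-party copy of the same app. This is an added example, not code from the original post or from Lookout; the manifests are constructed, and the mapping from standard Android permission names to the capabilities listed above is an assumption.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumption: standard Android permission names mapped to the capabilities
# listed above; illustrative only, not taken from a Geinimi sample.
SENSITIVE = {
    "android.permission.ACCESS_FINE_LOCATION": "location coordinates",
    "android.permission.ACCESS_COARSE_LOCATION": "location coordinates",
    "android.permission.READ_PHONE_STATE": "device identifiers (IMEI/IMSI)",
    "android.permission.INTERNET": "remote server communication",
}

def permissions(manifest_xml):
    """Return the set of permissions declared in a decoded AndroidManifest.xml."""
    root = ET.fromstring(manifest_xml)
    return {e.get(ANDROID_NS + "name") for e in root.iter("uses-permission")
            if e.get(ANDROID_NS + "name")}

def added_permissions(original_xml, candidate_xml):
    """Permissions the candidate requests beyond the original, with a risk note."""
    extra = permissions(candidate_xml) - permissions(original_xml)
    return {p: SENSITIVE.get(p, "other") for p in sorted(extra)}

def _manifest(package, perms):
    """Build a constructed sample manifest (not from a real app)."""
    lines = "".join(f'<uses-permission android:name="{p}"/>' for p in perms)
    return (f'<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
            f'package="{package}">{lines}<application/></manifest>')

# Constructed sample data: a game that only needs network access, and a
# repackaged copy that additionally asks for location and phone state.
ORIGINAL = _manifest("com.example.game", ["android.permission.INTERNET"])
REPACKAGED = _manifest("com.example.game", [
    "android.permission.INTERNET",
    "android.permission.ACCESS_FINE_LOCATION",
    "android.permission.READ_PHONE_STATE",
])

if __name__ == "__main__":
    for perm, note in added_permissions(ORIGINAL, REPACKAGED).items():
        print(f"ADDED {perm}: {note}")
```

An added permission is a reason to inspect the package more closely, not proof of infection, since legitimate updates also change the permissions they request.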

Though the malware has been found only on phones in China, nobody is sure when it will reach the rest of the world, including the US. Lookout Mobile Security has already released updates to protect Android phones. But the best security is common sense! Do not download and install apps from unknown sources; before you download an app, ensure it's from a legitimate source and do your due diligence. This is another reason why I love my iPhone, since some kind of preliminary due diligence is done by Apple. In Sept. 2010 I wrote an article that contained the following:

One of the advantages of Android is that it's open source, so the capabilities are unlimited, but that is its disadvantage too: the security of software is not as reliable as on iOS.
The App Store is totally controlled by Apple; they review the software for security holes and stability before it's put out on the App Store, but Android is not like that. Most of the software available is not reviewed and is at the owner’s risk.

Geinimi is another proof of this. Google needs to control the app market and put in place some kind of control like the App Store. I am pretty sure there is more Geinimi-like malware that will hit the smartphone market, but until it hits the iPhone, it will be my hero!