Android Trojan “Geinimi” Found

Are you using an Android operated smartphone? Read this post and be informed. Lookout, a San Francisco based mobile security company has discovered a new Trojan called “Geinimi” that's affecting Android powered devices. The company said the Trojan has emerged from China.

In a blog post on December 29th, Lookout revealed that “Geinimi,” which displays “botnet-like capabilities,” can obtain “a significant amount of personal data on a user’s phone and send it to remote servers.” Once the malware is installed on a user’s phone, “it has the potential to receive commands from a remote server that allow the owner of that server to control the phone,” the mobile security software company disclosed.

How does “Geinimi” work? According to Lookout, when a host application containing “Geinimi” is launched on a user’s phone, “the Trojan runs in the background and collects significant information that can compromise a user’s privacy.”

Lookout pointed out that this Trojan is capable of the following:
  • Send location coordinates (fine location)
  • Send device identifiers (IMEI and IMSI)
  • Download and prompt the user to install an app
  • Prompt the user to uninstall an app
  • Enumerate and send a list of installed apps to the server
With the discovery of this new threat to mobile phones running Android OS, it is necessary to download only those apps that are not only legitimate but also from sources you trust.