Ruh-Roh, a Trojan virus has been discovered, and it’s infecting users who download applications outside of the official Market. Dubbed Geinimi, the virus “grafts” itself onto repackaged original applications, and ignores all those pesky permissions.
Lookout spotted the virus out in the wild, and has already sent out an update to address the issue. So if you use Lookout, be it the free or premium version, you should be good and don’t need to worry about this virus. Those who don’t download applications outside of the Android Market should be fine as well.
Though the virus has only been spotted in third-party Chinese app markets, it could reach further. That’s the scary part.
The virus can do the following to your handset (the scarier part):
- Send location coordinates (fine location)
- Send device identifiers (IMEI and IMSI)
- Download and prompt the user to install an app
- Prompt the user to uninstall an app
- Enumerate and send a list of installed apps to the server
From the Lookout blog:
Geinimi attempts to connect to a remote server using one of ten embedded domain names. A subset of the domain names includes www.widifu.com, www.udaore.com, www.frijd.com, www.islpast.com and www.piajesj.com. If it connects, Geinimi transmits collected device information to the remote server.
Ouch. Needless to say, we won’t be going to any of those sites any time soon, and we suggest you steer clear of them as well. Now that the world is moving more and more to the mobile space, so too are the hackers. Mobile security is becoming available in many different forms and services, and it really couldn’t have come at a better time. Always check the permissions of the apps you download, as you may find yourself downloading something as simple as a live wallpaper that asks for access to your contacts. Unless that wallpaper randomly throws pictures of your contacts onto the background, don’t download it!
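One way to make that permission check concrete for a repackaged app, as an added example that is not from Lookout or the original post: compare the permissions declared by the copy you found against those of the Market original. It assumes both manifests have already been decoded to text XML (for example with apktool), that the repackaged copy declares its extra permissions, and that the permission-to-behaviour mapping and the sample manifests below are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumption: permissions that behaviours in the list above would rely on.
DATA_SOURCES = {
    "android.permission.ACCESS_FINE_LOCATION": "fine location",
    "android.permission.READ_PHONE_STATE": "device identifiers (IMEI, IMSI)",
}
NETWORK = "android.permission.INTERNET"

# Constructed sample manifests (hypothetical package, not taken from a real app).
ORIGINAL = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.wallpaper">
  <uses-permission android:name="android.permission.SET_WALLPAPER"/>
</manifest>"""

REPACKAGED = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.wallpaper">
  <uses-permission android:name="android.permission.SET_WALLPAPER"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <uses-permission android:name="android.permission.VIBRATE"/>
</manifest>"""

def requested_permissions(manifest_xml):
    """Return the set of permission names declared in a decoded manifest."""
    root = ET.fromstring(manifest_xml)
    names = (el.get(ANDROID_NS + "name") for el in root.iter("uses-permission"))
    return {n for n in names if n}

def added_permissions(original_xml, repackaged_xml):
    """Permissions the repackaged copy requests that the original does not."""
    extra = requested_permissions(repackaged_xml) - requested_permissions(original_xml)
    return sorted(extra)

def can_send_device_data(original_xml, repackaged_xml):
    """True when the copy has network access and adds a sensitive data source."""
    added = set(added_permissions(original_xml, repackaged_xml))
    has_network = NETWORK in requested_permissions(repackaged_xml)
    return has_network and bool(added & set(DATA_SOURCES))

if __name__ == "__main__":
    for perm in added_permissions(ORIGINAL, REPACKAGED):
        print(perm, "->", DATA_SOURCES.get(perm, "review manually"))
    print("network + sensitive data:", can_send_device_data(ORIGINAL, REPACKAGED))
```

Any permission that appears only in the repackaged copy is a reason to discard it and install the Market version instead.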
Security on Android is one of the biggest concerns to many, but as the mobile OS grows, so will the security. So will the threats, but that goes for every mobile OS out there, too.