'Geinimi' trojan infecting Chinese Android devices

[nsane.forums]

A new Android trojan is currently running amuck in China and could threaten the rest of the Android ecosystem if it is not contained. The 'Geinimi' virus is currently kicking around in China, and is stealing personal user information from the host device. The trojan disguises itself as a legitimate application such as Monkey Jump 2, Sex Positions, President vs. Aliens, City Defense and Baseball Superstars 2010 but also contains the malicious code.

Lookout Mobile Security, via TGDaily.com, is reporting that "Geinimi’s author(s) have raised the sophistication bar significantly over and above previously observed Android malware by employing techniques to obfuscate its activities. In addition to using an off-the-shelf bytecode obfuscator, significant chunks of command-and-control data are encrypted".

Currently the trojan is not infecting any application on the marketplace, and is only infecting repackaged applications. When an infected file is run on the host device, the trojan will run in the background, gather personal information from the device and send it back to a host server on five minute intervals.

While this is far from a dooms day trojan, it is the second "virus" to inflict android users. If these events keep happening, it could put a negative PR spin on the Android platform itself and may hurt its overall reputation, something Apple recently exploited Microsoft for in advertising campaigns.

View: Original Article