The Geinimi Trojan sends place co-ordinates, unique device identifiers, as well as a listing of installed apps on the infected device to a remote server. Additionally, it tin independently download applications as well as prompts the user to install them, mobile safety companionship Lookout said on Wednesday.
"Geinimi’s author(s) convey raised the sophistication bar significantly over as well as to a higher house previously observed Android malware yesteryear employing techniques to obfuscate its activities," Lookout said inwards a weblog post service on Wednesday. "In improver to using an off-the-shelf bytecode obfuscator, meaning chunks of command-and-control information are encrypted. While the techniques were easily identified as well as failed to thwart analysis, they did substantially growth the grade of campaign required to analyse the malware."
When an application containing the Trojan is launched on an Android device, the Trojan volition hold upwards inwards the background as well as collect data. At v infinitesimal intervals the Trojan volition campaign to connect to a remote server using i of x domain names and, if it establishes a connection, transmits information to the server.
The Trojan has "botnet-like" capabilities, according to Lookout, equally it tin reply to remote requests, only Lookout is silent to reveal evidence of a command server sending commands dorsum to Trojans on private devices.
The Trojan is distributed within applications, primarily games, that are redistributed on third-party Chinese Android app markets. Games that convey been repackaged to comprise the Trojan include Monkey Jump 2, City Defence as well as Sex Positions.
Lookout has non seen whatsoever applications containing the Geinimi Trojan inwards the official Google Android Market.
Lookout advises Android users to solely download applications from trusted sources as well as to banking enterprise jibe the permissions made yesteryear applications on app requests.
In September a variant of the Zeus banking Trojan, which is used to get together banking information, was found actively running on phones on the Symbian operating system.
Share This :
comment 0 Comments
more_vert