Security Alert! Geinimi, new Android Trojan has been found

Lookout’s blog has announced that there has been a new Trojan found that affects Android handsets.  It seems that it started out by being placed inside what looked like legitimate Android apps in China, but the permissions were far outside of what would have been needed.  The information was then sent to a remote server where everything could be controlled from the phone.

Fortunately for those who have lookout’s free service, they are protected against this.  (As well as providing a fix for those who don’t yet have it.)

The website goes more in-depth on the trojan stating:

Though we have seen Geinimi communicate with a live server and transmit device data, we have yet to observe a fully operational control server sending commands back to the Trojan. Our analysis of Geinimi’s code is ongoing but we have evidence of the following capabilities:

  • Send location coordinates (fine location)
  • Send device identifiers (IMEI and IMSI)
  • Download and prompt the user to install an app
  • Prompt the user to uninstall an app
  • Enumerate and send a list of installed apps to the server

While Geinimi can remotely initiate an app to be downloaded or un-installed on a phone, a user still needs to confirm the installation or un-installation.

Just a friendly reminder that when downloading non-market apps, you always run this risk, so be sure you know what you’re getting yourself into, and check those permissions!

About author

AndroidGuys
AndroidGuys 4641 posts

Founded on November 5, 2007, we've enjoyed bringing you the latest in Android news and rumors. Updated daily, we strive to deliver reviews, opinions, and updates on all things related to Android.

You might also like

News and Rumors

Huawei 8220 Confirmed as T-Mobile Pulse by FCC

Just mentioned a few days ago, the T-Mobile Pulse finds itself becoming a bit more official.  Thanks to a little bit of FCC approval, we’re seeing a clearer picture for

News and Rumors

ARCHOS 7 Announced, First Large Screen Android Tablet Under $200

Today find Archos formerly announcing their ARCHOS 7 home tablet which aims to bridge the gap between smart phone and desktop computers. With its 7-inch touch screen (800×480) and sleek

News and Rumors

Samsung Website Shows SCH-R880 (Acclaim) in Full Color Glory

Samsung’s SCH-880 “Acclaim” has been spotted on the Korean handset maker’s website thanks to a somewhat curious Engadget reader.  This is the first time we’ve seen what the phone looks

5 Comments

  1. Keefers
    December 30, 15:32 Reply

    I also read that phones that have” lookout”are safe from the trojan. Any truth to that?

    • Paul Weston
      December 30, 21:04 Reply

      Yes, according to Lookout, themselves, if you have Lookout installed, you are safe!

  2. Cassidy James
    December 30, 15:46 Reply

    Third-party Chinese app stores. So… not a problem for the Google-approved Android devices. Right?

    • Paul Weston
      December 30, 21:06 Reply

      Apps from the Google Market should be safe, but always be sure to check the permissions when downloading any app!

  3. Android Development
    January 12, 07:15 Reply

    One good thing is even after Geinimi downloads an add-on package it will prompt you to authorize the installation. That can save a lot many people to stop the installation.

Leave a Reply