Android Malware called Geinimi discovered in the wild (Updated)
Malware is nothing new to users of computing devices. While the majority of malware is targeted towards Microsoft's Windows operating system on computers, it appears Google's Android operating system is now the target of malware for mobile devices.
ZDNet reported today that researchers have discovered a powerful trojan called Geinimi. The trojan, which appears to be targeted toward Chinese Android users, could allow anything from remote control of the Android-powered device to the creation of Android botnets.
According to CNET news,
Lookout Mobile Security…said Geinimi displays botnet-like qualities and is the most sophisticated wireless malware it has seen. Thus far, infected programs have only been seen on various Chinese app stores.
“Geinimi is effectively being ‘grafted’ onto repackaged versions of legitimate applications, primarily games, and distributed in third-party Chinese Android app markets,” Lookout said in a blog post on Wednesday.
The security firm said it has already updated both the paid and free versions of its software to protect against Geinimi.
This does not come as good news for the Android community, given that many new Android-powered devices are set to be announced at the Consumer Electronics Show 2011 next week in Las Vegas, Nevada. Furthermore, this is not good news for those of us in the Notion Ink community, since Notion Ink's Adam tablet runs Google's Android operating system.
To stay safe, Lookout Mobile Security recommends the following:
Only download applications from trusted sources, such as reputable application markets. Remember to look at the developer name, reviews, and star ratings.
Always check the permissions an app requests. Use common sense to ensure that the permissions an app requests match the features the app provides.
Be aware that unusual behavior on your phone could be a sign that your phone is infected. Unusual behaviors include: unknown applications being installed without your knowledge, SMS messages being automatically sent to unknown recipients, or phone calls automatically being placed without you initiating them.
Download a mobile security app for your phone that scans every app you download. Lookout users automatically receive protection against this Trojan.
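As an added illustration of the permissions check above (example code written for this page, not from Lookout or the original post): because Geinimi is described as being grafted onto repackaged versions of legitimate applications, one practical check is to compare the permissions a downloaded copy requests against those of the original. The sketch assumes both AndroidManifest.xml files have already been decoded to text; the two manifests and the package name are constructed samples.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Permissions tied to the unusual behaviours listed above (SMS sent, calls
# placed, applications installed without the user's knowledge).
SENSITIVE = {
    "android.permission.SEND_SMS": "can send SMS messages",
    "android.permission.CALL_PHONE": "can place phone calls",
    "android.permission.INSTALL_PACKAGES": "can install applications",
}

def requested_permissions(manifest_xml):
    """Return the set of permission names in a decoded AndroidManifest.xml."""
    root = ET.fromstring(manifest_xml)
    names = (el.get(ANDROID_NS + "name") for el in root.iter("uses-permission"))
    return {name for name in names if name}

def added_permissions(original_xml, candidate_xml):
    """List (permission, note) pairs requested only by the candidate copy.

    The note is non-empty when the permission is in SENSITIVE.
    """
    extra = requested_permissions(candidate_xml) - requested_permissions(original_xml)
    return sorted((perm, SENSITIVE.get(perm, "")) for perm in extra)

# Constructed sample: the manifest of a legitimate game ...
ORIGINAL = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.game">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.VIBRATE"/>
</manifest>"""

# ... and of a copy of the same package obtained from another market.
CANDIDATE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.game">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.VIBRATE"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.CALL_PHONE"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
</manifest>"""

if __name__ == "__main__":
    for perm, note in added_permissions(ORIGINAL, CANDIDATE):
        label = "REVIEW" if note else "added "
        print(f"{label}  {perm}  {note}")
```

Extra permissions alone do not prove an app is malicious, but a game that gains the ability to send SMS or place calls in a third-party copy no longer matches the features it provides.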
How will this malware affect our use of Adam? Will there be any way of removing the malware from Android-powered devices once the devices are infected? Will one have to format his/her Adam to remove the malware?
Share your thoughts about this and let us know what you think with a reply!
We have contacted Lookout Mobile Security for more information regarding Geinimi and will update this post when we receive a reply.
Update: We have received a response from Lookout Mobile Security regarding whether Geinimi can be removed from an Android-powered device after the device has been infected.
Lookout's response is the following:
Originally Posted by Lookout Mobile Security
Yes the malware can be removed. If a user has malware installed on their device, Lookout would detect it and prompt them to uninstall it. Currently Lookout protects against all instances of the malware discovered to date.
I think that within one or two weeks most Android gadgets will be getting a security update :P
Probably before CES 2011 xD
Not all Android gadgets will be getting it though, since most updates are, unfortunately, dependent not on Google, but on the manufacturer :S
Well, actually LOOKOUT is a good program; it scans every one of your apps when you install it. Real time security niiice..
I can recommend Lookout as well. Aside from virus scanning it offers the ability to locate your phone (on Google Maps) if it's lost or stolen, and even have the phone send out a loud scream. You can see info on it here.
That's referring to the Google app markets. Google has their own, Archos also has theirs and Adam will have Genesis. For manufacturers' app markets, you can pretty much consider them safe. But there are also some "pirate" markets which may or may not be safe. Also, downloading APK (program) files by themselves and installing them could be risky.