Watch out, a new Android Trojan was found in wild

Watch out, a new Android Trojan was found in wild

A new threat for Android devices has been recently found in wild. Until now, the Android Trojan has only been downloaded from Chinese App markets, being “grafted” on to legitimate applications, mainly games.

This Trojan, also called “Geinimi” can do some great damage on your Android. For example, it can compromise a significant amount of personal data on a user’s phone and send it to remote servers. Once installed, this Android malware can receive commands from a remote server that allow the owner of that server to control your phone.

It might scare you a little but if you are cautious and pay attention, nothing will happen to your Android device.

Let’s talk a little about how it works. Well, the Geinimi Trojan runs in the backgrounds, collects different kinds of information and it will:
– Send location coordinates (fine location)
– Send device identifiers (IMEI and IMSI)
– Download and prompt the user to install an app
– Prompt the user to uninstall an app
– Enumerate and send a list of installed apps to the server

After it collects these precious information, five minutes later, it will try to connect to a remote server using one of these domain names:
– widifu . com
– udaore . com
– frijd . com
– islpast . com
– piajesj . com

So, do not go on these domain names, i’m sure you don’t want your Android device to get “sick”.

The Geinimi Trojan was reported on the Chinese app stores in games like Monkey Jump 2, Sex Positions, President vs. Aliens, City Defense and Baseball Superstars 2010. The official Google Android Market have not been affected.

What do you have to do to stay protected:

– download apps only from trusted sources and try to look at the developer name and reviews
– check the permissions an app requests
– if you notice any unusual behavior on your Android device, this could be a sign that your phone is infected. For example: “unknown applications being installed without your knowledge, SMS messages being automatically sent to unknown recipients, or phone calls automatically being placed without you initiating them.

[Via mylookout]

The first Android virus discovered yesterday by Kaspersky

Trojan Virus AndroidThe first virus for Android devices was detected yesterday by Kaspersky Antivirus and the thing it does, send text messages (SMS) without you knowing.

This virus is a trojan named “Trojan-SMS.AndroidOS.FakePlayer.a“, has 13 KB dimension and installs itself along with a apparently harmless Media Player.

If this little devil will get into your phone it will send text messages (SMS) without your will, and not to your address book contacts, but to shorter numbers with surcharge.

So if you want to protect your Android device, download the software you need from trusted sites.