Android Trojan dubbed ‘Geinimi’ found in legitimate applications

There’s a new threat affecting Android devices; the Trojan dubbed ‘Geinimi’ originates from China and is capable of gathering a significant amount of personal data from a user’s phone and send it to remote servers.

According to Lookout Mobile Security firm, Geinimi is the first Android malware that displays botnet-like capabilities. Once the malware has been installed on the user’s phone it can be taken over by receiving commands from a remote server.

Lookout states that Geinimi is effectively being “grafted” onto repackaged versions of legitimate applications, primarily games, and distributed in third-party Chinese Android app markets.

Some of the games that Lookout has identified are: Monkey Jump 2, Sex Positions, President vs. Aliens, City Defense and Baseball Superstars 2010. These are instances of the games repackaged with the Trojan; the original versions are available in the official Google Android Market and are not affected.

At the time of this writing, Geinimi has only been found being distributed through third-party Chinese app stores. Lookout has not found any applications compromised by the Geinimi Trojan in the official Google Android Market.

Protect yourself by only downloading applications from trusted sources and always check out the developer’s name and user reviews. Always check the apps permission request and stay alert on any unusual behavior your phone might exhibit after installing an app. By not enabling “Unknown sources” in your Android device, will prevent you from downloading third party apps.