September 30, 2016

Geinimi: New Android Data Stealing Trojan

Geinimi, a new Android data stealing Trojan affecting Android cell phones in China.

According to Lookout blog reports, this Trojan can compromise a significant amount of personal data on a user’s phne and send it to remote servers. Geinimi is also the first Android malware in the wild that displays botnet-like capabilities. Once the malware is installed on a user’s phone, it has the potential to receive commands from a remote server that allow the owner of that server to control the phone.

“Geinimi is effectively being “grafted” onto repackaged versions of legitimate applications, primarily games, and distributed in third-party Chinese Android app markets. The affected applications request extensive permissions over and above the set that is requested by their legitimate original versions. Though the intent of this Trojan isn’t entirely clear, the possibilities for intent range from a malicious ad-network to an attempt to create an Android botnet.”, stated in the report.

In addition to the personal data such as address book, the Trojan can also read out the cell phone’s position data, device ID (IMEI), SIM card number (IMSI), and a list of the installed apps.

More information is available here.

Source:[blog.mylookout.com]

Android holes allow secret installation of apps

Security researchers have demonstrated two vulnerabilities that allow attackers to install apps on Android and its vendor-specific implementations without a user’s permission. During normal installation, users are at least asked to confirm whether an application is to have certain access rights. Bypassing this confirmation request reportedly allows spyware or even diallers to be installed on a smartphone.

Read the full story here.

Source:[TheHSecurity]

Back door exploit for Android phones

A security expert working at Alert Logic has published a demonstration back door exploit for smartphones running Android. Criminals could use the principles of this exploit to gain control of a phone and install trojans. A potential victim need only call a malicious web site for infection to occur.

Read the full story here.

Source:[TheHSecurity]