0

Android Mobile Malware has Botnet-like Indicators

Hackers are now focusing on users of Google’s Android mobile operating system with a malicious application that harvests personal identifiable information and sends it to a remote server from where the information can be accessed and used by the hackers.

The malware, known as ‘Geinimi’, appears to be the first of its kind and has botnet-like capabilities targeted at the Android operating system, according to a spokesperson at Lookout Mobile Securities, a company developing mobile security software.

According to Lookout, Geinimi appears to target Chinese-speaking users of Android, and they were alerted to the malware by an unnamed user who wrote a post about it on a forum.

It was said that Geinimi was wrapped up in legitimate free and paid games for Android users. According to Lookout the game makers are unaware that their software is being used to distribute the malware.

Developers of identified games have been notified of the malware within their applications.

The majority of infected applications are found on third-party websites offering Android applications that have not been vetted for security.

Lookout is still in the process of analyzing Geinimi in order to determine the exact nature of information that is being transmitted.

Geinimi also logs and send the Android device’s location and other hardware identifiers, such as the IMEI and SIM card information to external servers. The malware can contact up to 10 domain names that are used to upload and store information to the server.

Due to Geinimi’s ability to contact multiple domains and obtain instructions from a command-and-control server, has lead Lookout to classify it with botnet-like capabilities.

Enjoyed this article? Submit your email to receive daily news and updates.

***You must click confirmation link sent in email. If you don't see the email, check spam folder.


Filed in: News, Security Tags: , ,

Leave a Reply

Submit Comment

© 2019 Tech Readers. Reproduction without explicit permission is prohibited. All Rights Reserved. XHTML / CSS Valid.