It is called Geinimi and it is the number one threat for Android smartphones: the virus is spreading at high speed in China, but there are fears for the rest of the world too. Geinimi resides on Android smartphones by exploiting third-party applications from “alternative” websites where apps can be found. Therefore, there is no danger for those who regularly use the Android Market.
How does Geinimi work?
Geinimi gathers information related to the smartphone (and therefore to oneself, consequently), managing to capture the device’s location, IMEI code, the address book of downloaded applications, and data from the SIM card. At this point, Geinimi is capable of deleting applications or uninstalling them, as well as – as can be easily inferred – this virus threat transmits all the information just acquired to one or more remote servers.
Goodbye privacy, and an always-open door to your smartphone.
The cybersecurity experts at Lookout Mobile Security have announced that Geinimi is the most powerful malware encountered to date, especially because it is a virus that we could define as insidious: once it has infiltrated the smartphone, it effectively takes control without the user realizing it immediately.
So far, only Android smartphones in China have been affected, however, this circumstance does not protect against future attacks, given that it is evident that a door has been opened to an Android trojan: it is nevertheless a precedent that malicious actors could exploit again, to compromise advertising networks or to create a dangerous botnet.
The only useful precaution to avoid Geinimi is to download applications only via the Android Market, avoiding other unofficial markets.
Furthermore, carefully evaluating whether to authorize the transfer of data to third parties, through downloaded applications, is a good method to filter and try to keep your smartphone clean.
Be the first to comment