Android malware is first to be able to receive instructions remotely and join botnets

Dark Reading Staff, Dark Reading

January 3, 2011

1 Min Read

A new, more sophisticated Trojan for Android devices has been spotting lurking on third-party Chinese Android app markets, researchers said last week.

According to a report by Help Net Security, researchers at the security firm Lookout believe the new Trojan, dubbed "Geinimi," is the first-ever piece of Android malware that has the capability to receive instructions from a remote server and thus become part of a botnet.

"Geinimi is attached to compromised versions of legitimate applications -- mostly games such as Monkey Jump 2, President vs. Aliens, City Defense, and Baseball Superstars 2010," the report states.

"So far, Geinimi has been spotted being distributed only through third-party Chinese app stores," according to Help Net Security. "Versions of these applications on the official Google Android Market have not been compromised."

Until now, the server hasn't been spotted sending instructions to the Trojan, so its final purpose is not yet clear, the researchers told Help Net Security. The malware can download and prompt the user to install or uninstall an app or transmit a list of all the installed apps on the device to the server.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights