Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    As the year ended, a new threat for the Android OS was found in ANDROIDOS_GEINIMI.A, which spread from certain third-party app stores in China.

    This new threat spread using legitimate applications distributed via third-party stores. These versions, however, were Trojanized to add malicious code. These run completely in the background with no visible differences from the legitimate application. The added code steals a wide variety of information from the user’s phone such as:

    • Installed/Running applications
    • Subscriber information (IMSI number, SIM serial number, network provider, etc.)
    • Phone information (IMEI number, manufacturer, model, etc.)
    • Current user’s location (via GPS)

    Some reports described this as a mobile botnet that is capable of issuing commands associated with botnets such as installing/removing apps. It also examines the user’s contact list and messages. However, it’s not clear if it can really act as a full botnet, as no commands have actually been sent to affected smartphones. What the people behind this attack will do with the wealth of information they gather remains unclear.

    Trend Micro protects users via the just-launched Trend Micro™ Mobile Security for Android. In particular, it is capable of monitoring apps in real time and blocking the execution of malicious code:

    Click for larger view

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice