Malware takes advantage of Android smartphones like Botnets

Hackers are targeting mobile phones running Android with the aim of turning them into Botnets with remote control servers and starting collecting victims' data.

Hackers are targeting mobile phones running Android with the aim of turning them into Botnets with remote control servers and starting collecting victims' data.

One of them is "Geinimi", it seems that this is one of the first Malware to implement the above-mentioned acts aimed at the Android platform, said Kevin Mahaffey, chief technology officer of Lookout Mobile Security (a company. Smartphone security based in San Francisco, California, USA).

Malware takes advantage of Android smartphones like Botnets Picture 1Malware takes advantage of Android smartphones like Botnets Picture 1

Geinimi appeared primarily to target Android users in China, Lookout discovered this malware after appearing on an article on a forum about it. Lookout researchers think this is a "promotional gift" attached when users download Android Game apps from unknown sources.

"We are reporting this information to developers , " Mahaffey said.

Applications for Android that appear on third-party websites are applications that are unsecured because they are not yet moderated, and usually such applications will be downloaded thousands of times.

Geinimi is being "dissected" and has not been able to determine the author's intent when writing this malware, but with these signs may increase security concerns for Android.

Geinimi communicates and receives commands from a remote server, it can download software that users do not want or remove pre-installed software, Android users who are reminded more must be more careful. But the concerns are still there, Mahaffey said.

"It could be a program used to download more malware machines," he said.

Geinimi also "snatches" other information from users such as hardware information, IMEI code, number and information about sim card "pay tribute" for remote control servers every 5 minutes. It can also send a list of "victims" and can use up to 10 names to use to download remote servers the information it collects.

With such characteristics, Mahaffey asserts that it is a Botnet.

However, it is still unclear what Geinimi's main goal is for it to go beyond collecting user information."It can create anything from an advertising network to an expanding Botnet network," Mahaffey.

4.5 ★ | 2 Vote