Mobile security firm Lookout today sounded the alarm on a new Trojan that apparently is affecting Android devices in China. It's called "Geinimi" and is piggybacking known legitimate apps, including Monkey Jump 2, Sex Positions, President vs. Aliens, City Defense and Baseball Superstars 2010.

What havoc can it wreak? Says Lookout:

The specific information it collects includes location coordinates and unique identifiers for the device (IMEI) and SIM card (IMSI). At five-minute intervals, Geinimi attempts to connect to a remote server using one of ten embedded domain names. A subset of the domain names includes www.widifu.com, www.udaore.com, www.frijd.com, www.islpast.com and www.piajesj.com. If it connects, Geinimi transmits collected device information to the remote server.

You're probably going to have to go way, way out of your way for this to be a problem, though. REPEAT: We're not overly worried about this. You have to download and sideload an infected app through Chinese app stores. So unless you're doing that, you should be cool. 

That said, Lookout notes that Geinimi "did substantially increase the level of effort required to analyze the malware" and that it's updated its app to protect against the threat. So if you're running it, you're cool. [Lookout]

 
There are 25 comments

I thought linux couldn't get a virus?

TuxDotKing says:

First, it's not a virus, it's a Trojan. Trojans will exist on any operating system as long as there are users that can be tricked into running them.

Second, Linux is a kernel, not an operating system.

gksmithlcw says:

"Linux refers to the family of Unix-like computer operating systems using the Linux kernel."

http://en.wikipedia.org/wiki/Linux

"S: (n) Linux (an open-source version of the UNIX operating system)"

http://wordnetweb.princeton.edu/perl/webwn?s=linux

Don't be a douche...

TuxDotKing says:

I'm not the one throwing words like douche around to feel superior. Also, what I said is correct, Linux is just a kernel. You need other utilities and software around that to make an operating system, I'm sorry for making a side point to a bigger point that you simply chose to ignore in favor of insulting me. Stay classy bro.

gksmithlcw says:

"Linux is a free Unix-type operating system originally created by Linus Torvalds with the assistance of developers around the world"

http://www.linux.org/

Is there a reason we're still going on about this? Linux is an OS. Deal with it.

My whole point was not to be snarky to someone for no good reason.

Not to interrupt the virtual cockfight going on, but that's the worst definition of Linux (#2) that I've ever seen. Princeton even!

Carry on gentlemen.

gksmithlcw says:

Jerry... I agree that Linux is NOT an Open-Source version of UNIX, but it is a UNIX-like OS.

bousozoku says:

Maybe, you should learn the proper meaning of the words you use. Douche is cleansing. Linux is just the kernel, but many people use it as if pertains to any distribution, just as they use that other word--loosely.

Just because people use it commonly doesn't mean that it's correct.

VagrantRadio says:

Douche is french for medically or hygienically introducing a stream of water into the body or the stream of water itself, not necessarily "cleansing".

Since we're being correct and whatnot, just sayin'.

gksmithlcw says:

I used 'douche' colloquially as it is used today in pop culture and I did so quite intentionally.

Linux IS an OS. It is ALSO a kernel.

WhitePhone says:

You would think trojans would already be included in that sex positions app.

taharka says:

rofl

Zing!

El Jefe says:

Nah...it is so much better without a Trojan. :-)

moosc says:

Not getting enough downloads so let's cry wolf for folks to buy our app.

Jperez 85 says:

PSST...

>.>

<.<

lookout is free, you only pay if you want the other options. it'll still protect your phone and scan new installs.

davidnc says:

pffffft ,,,,, lol ...however some features you have to pay for , like the external wipe , etc. ;)

Kodros says:

I agree. This is the same company that blew some other app's issues out of proportion and cause a major poop storm. Their initial claims were completely false for that one. In the end, it was just some app developer saving your email or something so that you could keep your favorite wallpapers bookmarked across different phones. They initially reported that there was a trojan that was using your SMS/MMS without your knowledge.

Halt. No, they weren't. Their involvement began when WE contacted them with questions about the breaking news, and they explained exactly what the app was doing, and that while not the best practice, wasn't malware in any way -- basically the same response Google gave.

Hate on them if you like, but let's not smear them OK? Especially when I'm the one that got them involved, and want them to have no fear the next time I come calling :)

tim242 says:

While spyware is not good, I think calling it a trojan is exaggerating. Tons of apps are spying on us. It almost seems like lookout is trying to scare people into using their product.

noszero says:

Trojans from a sex game.. am I the only one who sees the justice in that? Lol. Seriously thanks for the tip. Identity Theft is bad.

dtreo says:

Thanks for the tip...just the tip.

Bundy#AC says:

I wonder how much it cost Lookout to have the trojan created? Do you think they got a discount for spelling "Gemini" wrong?

davidnc says:

actually Lookout probably would not make a trojan they created to be detected , IF they did not want it to be . They would code it so their security would not even scan it , thus not detect it .

Hmmmmmmm :/ ....the good, bad , and evil of it all , ha

carlsmith says:

Isn't there any anti-virus available in the market for it...?
colon lipo