Virus attacks Android phones in China

A powerful virus targeting smart phones in China running Google’s Android operating system may represent the most sophisticated bug to target mobile devices to date, security researchers said on Thursday.

Anti-virus firm Lookout Mobile Security estimates that the number of cellphones that have been infected by the virus, dubbed Geinimi, ranges from the tens of thousands to hundreds of thousands.

Researchers said that the virus has yet to wreak havoc, though, and that they were unsure what its authors were seeking to accomplish.

“It is not clear to us what the purpose of it is,” said Kevin Mahaffey, chief technology officer for Lookout. “It could be anything from a malicious advertising network to an attempt to create a botnet.”

A botnet is an army of enslaved computers that its controllers can compromise for identity theft, use to launch attacks to shut down websites or turn into spam email servers. Still, the emergence of Geinimi underlines concerns that hackers are shifting from focusing on attacking PCs to targeting mobile devices as sales of the powerful handheld computers take off and users increasingly put sensitive data in their pockets.



Phones become contaminated with Geinimi when users download software applications that have been repackaged to include the virus, according to researchers from Lookout and Symantec.

Tainted programs include versions of the video games Monkey Jump 2, President vs Aliens, City Defence and Baseball Superstars 2010, according to Lookout.

Lookout researchers said that so far they have only found the tainted software at third-party apps stores targeting the Chinese market. Legitimate versions of the applications in the official Android market appear to be safe, they said.

Compromised phones call back to a remote computer for instructions on what to do at five-minute intervals. Then they transmit information on the device’s location, its hardware ID and SIM card back to the remote computer.

So far the remote computers have been collecting data but have not issued any other orders to the infected phones, Mahaffey said.

Liam Murchu, a research manager with anti-virus software maker Symantec, said that infected devices could be ordered to make calls, send SMSes and download other malicious software on to the phones. – Reuters

Subscribe to the M&G

These are unprecedented times, and the role of media to tell and record the story of South Africa as it develops is more important than ever.

The Mail & Guardian is a proud news publisher with roots stretching back 35 years, and we’ve survived right from day one thanks to the support of readers who value fiercely independent journalism that is beholden to no-one. To help us continue for another 35 future years with the same proud values, please consider taking out a subscription.

Related stories

Advertising
Advertising

press releases

Loading latest Press Releases…

The best local and international journalism

handpicked and in your inbox every weekday