SOPHISTICATED MOBILE PHONE VIRUS ATTACKS ANDROID PHONES IN CHINA

‘Most sophisticated

mobile virus’

starts spreading on

Android smartphones

December 31, 2010 – 10:00AM
The Google Nexus One smartphone, seen here at its launch in Washington in January, uses the company's Android software.
Targeted … Google Android phones. Photo: AFP

A very powerful virus targeting smartphones in China using Google’s Android operating system may represent the most sophisticated bug to target mobile devices to date, security researchers stated.

Anti-virus firm Lookout Mobile Security estimates that the number of phones that have been infected by the virus, dubbed Geinimi, could be tens of thousands or hundreds of thousands.

Researchers said that the virus has yet to wreak havoc, though, and that they were unsure what its authors were seeking to accomplish. 

“It is not clear to us what the purpose of it is,” said Kevin Mahaffey, chief technology officer for Lookout. “It could be anything from a malicious advertising network to an attempt to create a botnet.”

A botnet is an army of enslaved computers that its controllers can compromise for identity theft, use to launch attacks to shut down websites or turn into spam email servers.

Still, the emergence of the Geinimi virus underlines concerns that hackers are shifting from focusing on attacking PCs to targeting mobile devices as sales of the powerful handheld computers take off and users increasingly put sensitive data in their pockets.

Phones become contaminated with Geinimi when users download software applications that have been repackaged to include the virus, according to researchers from Lookout and Symantec Corp.

Tainted programs include versions of the video games Monkey Jump 2, President vs. Aliens, City Defense and Baseball Superstars 2010,Lookout said.

Lookout researchers said that so far they have only found the tainted software at third-party apps stores targeting the Chinese market. Legitimate versions of the applications in the official Android market appear to be safe, they said.

Compromised phones call back to a remote computer for instructions on what to do at five-minute intervals. Then they transmit information on the device’s location, its hardware ID and SIM card back to the remote computer.

To date the remote computers have been collecting data but have not issued any other orders to the infected phones, Mahaffey said.

Liam Murchu, a research manager with anti-virus software maker Symantec, said that infected devices could be ordered to make calls, send text messages and download other malicious software onto the phones.

Reuters

Sourced & published by Henry Sapiecha


Tags: , , , ,

Leave a Reply