Mystery virus hits smartphones
By Jim Finkle |
January 1, 2011, Saturday
|
Print Edition
Print Edition
A MYSTERIOUS virus targeting smartphones in China running Google Inc's Android operating system may represent the most sophisticated bug to target mobile devices to date, security researchers have warned.
Anti-virus firm Lookout Mobile Security estimates that the number of phones infected by the virus could range from the tens of thousands to hundreds of thousands.
However, no one yet knows what the authors of the powerful virus - dubbed Geinimi - are seeking to accomplish. Researchers said that the virus has yet to wreak havoc, and are trying to establish its authors' intentions.
"It is not clear to us what the purpose of it is," said Kevin Mahaffey, chief technology officer for Lookout. "It could be anything from a malicious advertising network to an attempt to create a botnet."
A botnet is an army of enslaved computers that its controllers can compromise for identity theft, use to launch attacks on websites or turn into spam e-mail servers.
The emergence of Geinimi underlines concerns that hackers are shifting from focusing on attacking PCs to targeting mobile devices as sales of powerful handheld computers take off and users increasingly put sensitive data in their pockets.
Phones become contaminated with Geinimi when users download software applications repackaged to include the virus, according to researchers from Lookout and Symantec Corp.
Tainted programs include versions of the video games Monkey Jump 2, President vs. Aliens, City Defense and Baseball Superstars 2010, according to Lookout.
Lookout researchers said that so far they have only found the tainted software at third-party apps stores targeting the Chinese market.
Legitimate versions of the applications in the official Android market appear safe.
Compromised phones call back to a remote computer for instructions on what to do at five-minute intervals. Then they transmit information on the device's location, its hardware ID and SIM card back to the remote computer.
So far, remote computers have been collecting data but have not issued any other orders to infected phones, Mahaffey said.
Liam Murchu, a research manager with anti-virus software maker Symantec, said infected devices could be ordered to make calls, send texts and download other malicious software onto the phones.
Anti-virus firm Lookout Mobile Security estimates that the number of phones infected by the virus could range from the tens of thousands to hundreds of thousands.
However, no one yet knows what the authors of the powerful virus - dubbed Geinimi - are seeking to accomplish. Researchers said that the virus has yet to wreak havoc, and are trying to establish its authors' intentions.
"It is not clear to us what the purpose of it is," said Kevin Mahaffey, chief technology officer for Lookout. "It could be anything from a malicious advertising network to an attempt to create a botnet."
A botnet is an army of enslaved computers that its controllers can compromise for identity theft, use to launch attacks on websites or turn into spam e-mail servers.
The emergence of Geinimi underlines concerns that hackers are shifting from focusing on attacking PCs to targeting mobile devices as sales of powerful handheld computers take off and users increasingly put sensitive data in their pockets.
Phones become contaminated with Geinimi when users download software applications repackaged to include the virus, according to researchers from Lookout and Symantec Corp.
Tainted programs include versions of the video games Monkey Jump 2, President vs. Aliens, City Defense and Baseball Superstars 2010, according to Lookout.
Lookout researchers said that so far they have only found the tainted software at third-party apps stores targeting the Chinese market.
Legitimate versions of the applications in the official Android market appear safe.
Compromised phones call back to a remote computer for instructions on what to do at five-minute intervals. Then they transmit information on the device's location, its hardware ID and SIM card back to the remote computer.
So far, remote computers have been collecting data but have not issued any other orders to infected phones, Mahaffey said.
Liam Murchu, a research manager with anti-virus software maker Symantec, said infected devices could be ordered to make calls, send texts and download other malicious software onto the phones.
- About Us
- |
- Terms of Use
- |
-
RSS - |
- Privacy Policy
- |
- Contact Us
- |
- Shanghai Call Center: 962288
- |
- Tip-off hotline: 52920043
- 沪ICP证:沪ICP备05050403号-1
- |
- 互联网新闻信息服务许可证:31120180004
- |
- 网络视听许可证:0909346
- |
- 广播电视节目制作许可证:沪字第354号
- |
- 增值电信业务经营许可证:沪B2-20120012
Copyright © 1999- Shanghai Daily. All rights reserved.Preferably viewed with Internet Explorer 8 or newer browsers.
