Oh that crappy ol’ Geinimi Trojan making its way around the Android world has been analyzed those superheroes of mobile security: Lookout (or lookout, with the lower-case L if you please.) Making a big bad name for themselves since their inception, this is definitely a power-play on the part of those that plant the nice green leaf at the upper-left of your Android screen. They’ve taken the time to take apart the trojan for your pleasure and so that you might be smart when it comes to avoiding or, god forbid, dealing with it.
They list the capabilities of the trojan which include the ability to: Read and collect SMS messages, Send and delete selected SMS messages, Pull all contact information and send it to a remote server (number, name, the time they were last contacted,) Place a phone call, Silently download files, and Launch a web browser with a specific URL. Harsh! Wait. What’s it actually do then? That, believe it or not, is a detail still unknown.
Is this something to be frightened of? Sure, why not? Would you like to know more? Of course! Take a look at the Geinimi_Trojan_Teardown.pdf provided by the security group. Also head over to the breakdown post at their official Lookout Blog, and leave comments below if you’ve experienced the evil. High five to Lookout too, as their analysis continues.
What exactly did they tear down? The permissions the app asks for on the phone? Am I missing something? Does it piggyback in without asking for these permissions? Sorry but to me Lookout as they’ve been doing from the get go is trying to stir up something to be much bigger than it is. Simply watch where you sideload things from. The vast majority of users don’t even turn this feature on.