* Virus targets Chinese smart phones running Android OS
* Hundreds of thousands may be infected
By Jim Finkle
BOSTON (Reuters) - A powerful virus targeting smart
phones in China running Google Inc's Android operating
system may represent the most sophisticated bug to target
mobile devices to date, security researchers said on Thursday.
Anti-virus firm Lookout Mobile Security estimates that the
number of phones that have been infected by the virus, dubbed
Geinimi, ranges from the tens of thousands to hundreds of
Researchers said that the virus has yet to wreak havoc,
though, and that they were unsure what its authors were seeking to
"It is not clear to us what the purpose of it is," said
Kevin Mahaffey, chief technology officer for Lookout. "It could
be anything from a malicious advertising network to an attempt
to create a botnet."
A botnet is an army of enslaved computers that its
controllers can compromise for identity theft, use to launch
attacks to shut down websites or turn into spam email servers.
Still, the emergence of Geinimi underlines concerns that
hackers are shifting from focusing on attacking PCs to
targeting mobile devices as sales of the powerful handheld
computers take off and users increasingly put sensitive data in
Phones become contaminated with Geinimi when users download
software applications that have been repackaged to include the
virus, according to researchers from Lookout and Symantec Corp
Tainted programs include versions of the video games Monkey
Jump 2, President vs. Aliens, City Defense and Baseball
Superstars 2010, according to Lookout.
Lookout researchers said that so far they have only found
the tainted software at third-party apps stores targeting the
Chinese market. Legitimate versions of the applications in the
official Android market appear to be safe, they said.
Compromised phones call back to a remote computer for
instructions on what to do at five-minute intervals. Then they
transmit information on the device's location, its hardware ID and
SIM card back to the remote computer.
So far the remote computers have been collecting data but
have not issued any other orders to the infected phones,
Liam Murchu, a research manager with anti-virus software
maker Symantec, said that infected devices could be ordered to
make calls, send text messages and download other malicious
software onto the phones.
(Reporting by Jim Finkle; Editing by Phil Berlowitz)
© 2015 Thomson/Reuters. All rights reserved.