The malware sends personal data of a user’s phone to a remote server and is also capable of receiving commands from, controlled by hackers, remote servers, in order to control the phone. Mobile security firm Lookout describes the malware as the most sophisticated to appear on Android devices wich has been uploaded onto third-party Chinese Android app markets, poses as gaming applications(Monkey Jump 2, Sex Positions, President vs. Aliens, City Defense, Baseball Superstars 2010).

When Geinimi is launched, collects significant information like location coordinates, unique identifiers for the device (IMEI) and SIM card (IMSI) and attempts to connect to a remote server to transmit the collected device information.

The security firm already updated both free and paid versions of its software to protect against Geinimi.

source:http://blog.mylookout.com/2010/12/geinimi_trojan/

The Kenzero Trojan is included in a fake adult anime game which is shared through Winni P2P network. When a victim downloads and executes the file, the malware scans victim’s computer for personal information, such us Computer name, browsing history, downloaded files, favourite pages, OS version and clipboard dump while it opens a registration installation window demanding personal information. After gathering all posible information, it publishes them on a public web page and sends an email from a company “Romancing, Inc.” which accuse victims for downloading copyrighted material. The mail includes a law threat to the victims to settle the copyright violation and offers to resolve it for a 1500 yen (~16$) fee. Also, as noted in Trend Micro’s Blog article, it also downloads ,in victim’s computer, 3 copyrighted MP3 files, possibly to extend the threat.

More than 1500 people reported that fell victims of the malware, according to local paper Yomiuri Shimbun, however its unknown how many payed the copyright infringement fee.

That’s the second similar issue this week as earlier was reported, here, a fake ICCP Foundation which demanded 400$ for copyright issues.