Android users who are going all bonkers downloading third-party apps other than the Android Marketplace resource need to seriously curb their actions, because there is an Android Trojan with botnet-like functionality lurking in the wild. Named as Gemini, this advanced Trojan developed for Android devices can compromise your personal phone data and let remote servers take control of your system.
How it unearthed
Gemini Trojan apparently popped-up from China via phony versions of legitimate applications that are being distributed as third-party apps.
How it works
After the user unintentionally runs the malicious apps containing Gemini, it collects includes location coordinates and unique identifiers for the device (IMEI) and SIM card (IMSI). Then it connects to a remote, a subset of the domain names includes www.widifu.com, www.udaore.com, www.frijd.com, www.islpast.com and www.piajesj.com. If it connects, Geinimi transmits collected device information to the remote server.
Gemini has the listed below capabilities
• Send location coordinates (fine location)
• Send device identifiers (IMEI and IMSI)
• Download and prompt the user to install an app
• Prompt the user to uninstall an app
• Enumerate and send a list of installed apps to the server
The apps that seem to be affected by Gemini are gaming applications posted in Chinese app stores, including Monkey Jump 2, Sex Positions, President vs. Aliens, City Defense and Baseball Superstars 2010.
How to keep safe
• Only download apps from Android Marketplace
• If you want to download third-party apps then make sure you read publisher information and app ratings
• Download and install AVG anti-virus security to stay doubly safe