‘Gemini’ Attacks Android Smartphones in China, U.S. Next?

Malicious hackers have started targeting smartphones and devices running Google’s Android operating system are a particularly juicy target. One piece of malware making headlines right now is Gemini. This trojan has the capability to download all information off of an Android smart phone and even take control of the phone itself.

Before you get worked up into a panic, keep in mind that Gemini has only been spotted in China so far. Whoever developed or at least deployed it is counting on user ignorance. The distribution method is quite simple: it is being hacked into legitimate applications offered on third-party Android app markets. Users download these apps thinking that they are legitimate and that’s when Gemini goes to work. (To Google and Android’s credit, the infected apps do request far more access to devices than the original apps they hide inside of.)

After Gemini has gained access to an Android phone, it then goes to work. Its list of abilities include transmitting a user’s location, downloading apps by itself, sending your contacts list and finally, turning the phone into a part of a potential bot-net. There are two theories being tossed around right now about Gemini and its ultimate goal. Either it is part of a malicious advertisement network seeking to maximize its profits by blatantly violating people’s privacy or run by outright criminals seeking to steal personal information and potentially launch mobile based attacks through a bot-net.

While Gemini has not yet shown up in the United States, the potential is definitely there. Many bot-nets are run out of counties that were once part of the USSR. Once these guys get their hands on it, anything is possible. Given Android’s fairly open app distribution system, the potential for widespread havoc is definitely there.

Remember, only download and install apps from app markets that you trust and if an app asks to be allowed access to things that have nothing to do with what it does (for example: a game asking for permission to access your contacts, location, etc.) then delete it. It’s a simple as that.

Worried about the emerging threat of hackers trying to steal very personal data off of your phone? Just think about how crazy things could get once smartphones start using NFC (near field communication) chipsets to function as digital, wireless credit cards. Now that could be a disaster if your phone is infected.

Tags: , , ,