China Malware ‘Gemini’ Strikes Google’s Android OS Again


It would appear that anything with the Google name is setting itself up for a “hack attack” of sorts. Whether the attacks are on individual Gmail accounts, Google Search or other Google products, the fact remains that “everyone” loves to hack anything Google. Now, it has been reported that Chinese web servers are hosting a vicious form of malware that attacks only smartphones using the Android OS. Yes, Gemini is back.

How Does Gemini Infect Smartphones?

The prolific nature of this Android hack attack stems from the way it works against the smartphones. According to the report, it infects the devices much like the Gemini worm and Trojan combination would infect a computer. Disguising itself as a legitimate application, game, or other software program, Android users are tricked into downloading and installing the games or applications that are infected with the Gemini malware.

Some of the “games” that are known to contain the malware include “Monkey Jump 2,” “Presidents vs. Aliens,” “City Defense,” “Sex Positions,” and “Baseball Superstars 2010,” but there could be others as well. These also happen to be some of the more popular downloads in China of late, which could explain why the malware is spreading so quickly.

What Does Gemini Do?

After the user installs the “games,” the malicious intent of the software immediately makes itself known. How? Well, most games and apps will request access to the Internet for legitimate reasons, such as to play against other online users, keep score and download updates. However, the Gemini malware makes “game” requests more often than any legitimate application would normally make.

Gemini also accesses three specific servers associated with the malware creator including widifu.com, frijd.com, and piajesj.com, all of which are registered to a single person in Shanghai, China. Apparently, the malware is transmitting all the information it has collected since the user installed the software to these domains including personal and private information.

Past Android Hack Attacks


Unfortunately, this is not the first time that the Google Android OS platform has been targeted this year. In August 2010 it was revealed by Kaspersky Lab, a Russian security software manufacturer, that it had discovered the first Google Android OS-specific malware, which was found on the Nexus One smartphone. The malware, called Trojan-SMS, disguised itself as a media player for Android called “Movie Player.” As the name suggests, the malware targeted SMS messages, sending them to a mobile phone number that charged the smartphone account a premium rate.

The messages were sent without the account owner’s knowledge or consent, much like what happens when a computer is infected by a botnet or email virus that sends spam emails to a contact list. The difference here is that the user was charged massive fees-five dollars and sometimes more-for each message sent.

Smartphone Protection

The problem is that when a mobile device becomes infected, it is not as easy to get rid of the infection as it is with a computer. While being as careful as possible when downloading and installing applications and games can certainly curb many of the hack attacks and malware that one could run into when using a smartphone, it is not the only line of defense available.

Just like you would a computer, having an up to date and active anti-virus or anti-malware program can help stop these attacks from happening. Many smartphone users are not aware that many anti-virus software makers also provide anti-virus software for mobile devices as well. The best bet is to check with the manufacturer of your computer anti-virus provider; chances are that the company also offers protection for a smartphone and at a decent price.

Jessica (JC) Torpey is a self-taught computer technician with more than 10 years experience in the field. JC’s passion is studying the various political and business aspects of the technology industry. Combining that knowledge with her love of computers, JC uses it to influence her writing.

Article source: http://news.yahoo.com/s/ac/20110103/tc_ac/7505736_china_malware_gemini_strikes_googles_android_os_again_1


Tags: Spyware., virus, walware

Category: Virus/Malware

Gregory Evans | LinkedIn

Interview With Gregory Evans

Gregory Evans Security Expert

Gregory Evans on Cyber Crime

Leave a Reply