The firm claims the trojan may be the most advanced bit of Android malware to date and is the first to display “botnet-like capablities.” That means that once the trojan is installed on an Android phone, a remote server will be able to access the device and gain a level of control over it — frightening stuff, indeed.
So far Gemini has been observed grafted onto legitimate apps — primarily games — that are downloaded to Android smartphones by unknowing patrons of third-party Android app stores. The infected apps reportedly then request an abnormal level of access to devices and then, boom, it’s a zombie-phone.
Once a device is infected, Gemini is capable of doing a host of nasty things: sending out user’s location, transmitting device identifiers, and downloading apps and then prompting the user to install them. It’s also capable of delivering a list of installed apps to an outsider server.
Just last week, security firm McAfee cited mobile platforms — including Android and iPhone devices — as top targets for cyber-criminals in the year 2011.
It’s not clear what Gemini’s masterplan is just yet, but one possibility is that it’s part of the schemings of a malicious ad network. So far, Gemini has only been spotted in apps from third-party Android marketplaces in China. If you’re not in China and are hypersensitive to mobile malware threats, you may want to consider sticking with apps from secure and trusted sources just to be safe.
- 500,000 people downloaded QR code apps with embedded malware from Google Play
- The best keyboards for Android that will help you type efficiently in 2018
- How to remove Android malware from your phone or tablet
- From pranks to nuclear sabotage, this is the history of malware
- Everything you need to know about Android 8.0 Oreo