Geinimi is such a nasty malware that is distributed through applications and steals data from your phone.
According to Lookout, Geinimi is launched with an infected application and collects location data as well as unique identifiers for the device and the SIM card. In intervals of five minutes the trojan attempts to transmit collected data to an integrated list of ten domain names, including www.widifu.com, www.udaore.com, www.frijd.com, www.islpast.com and www.piajesj.com. Lookout said that the communication apparently is only one-way at this time and there is no evidence that the servers in fact send commands back to an infected phone.
The intent and purpose of Geinimi is not clear at this time, but the security firm believes that one of the possibilities could be an attempt to build an Android botnet. The advice to users is to not install software from sources that aren't trusted. The biggest giveaway of infected apps are excessive information and feature access requests. In Geinimi's case, the app asks for location coordinates, device identifiers, the permission for installing and uninstalling of apps, and a list of installed apps on a device.
Users who are affected by a virus will need anti-malware software to remove Geinimi, Lookout said.
