Geinimi Trojan Attracts attention of Information Security Professionals
by iClass - Tuesday, January 04, 2011
Recently,a new Trojan named Geinimi has attracted the attention of information security professionals. The Trojan created in the wild in China affects the Android operating system. Criminals may use the Trojan to gain access to personal data on mobile phones and redirect them to remote servers. Security researchers consider Geinimi as first Android malware, which has botnet-like features. Unwary mobile phone users may inadvertently download a seemingly legitimate but fake application loaded with Geinimi Trojan.
Once inserted on a mobile phone, a remote attacker can direct commands to the Trojan and gain control over the phone. Geinimi may help the remote attacker to track the location of the mobile user, gain International Mobile Equipment Identity (IMEI) and International Mobile Subscriber Identity (IMSI) numbers, automatic download of malicious files. The mobile user may be lured frequently to install and install applications. The attacker may also direct the Trojan to share the list of installed files.
IT professionals may use ethical hacking to evaluate the security of mobile phones and applications.
The tests may help an organization to understand the security threats in the mobile environment and initiate measures to prevent installation of Trojans, botnets and all forms of attacks from hackers. Some of the security evaluation tests on mobile devices include payload injections, social engineering attack and penetration tests.
Information stored in mobile phones is crucial not only for individuals, but also organizations such as intelligence agencies, law enforcement authorities, banks and financial institutions among others. The stored data may be highly significant for the aforesaid organizations as they may be useful for the successful completion of investigations and legal obligations. As such,information security needs due emphasis from IT security specialists.
EC-Council provides industry training and certification for information security professionals in ethical hacking among many other specializations. “Understanding how hackers exploit these vulnerabilities is a key requirement to hardening software and hardware. That is why EC-Council focuses on ethical hacking as an approach to information security evaluation” as stated by EC-Council’s Senior Director, Steven Graham. EC-Council through its Certified Ethical Hacker program has trained such information security professionals from all over the world.
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted security conferences. The global organization is headquartered in Albuquerque, New Mexico.
6330 Riverside Plaza Ln NW
Albuquerque, NM 87120
Read More Press Releases
Get press releases by email