There’s a new threat in town. And by town, I mean China. Malware authors have created a bit of code called Geinimi that hitchhikes on existing apps when they are redistributed on third-party markets. At the moment it doesn’t do much but lurk, but its capabilities resemble that of a botnet server, according to Lookout, a company that makes antivirus software for Android.

So far the code has been identified as being able to send out your location, IMEI, app list, and to download apps. There could be more, and it likely has the ability to modify itself. Users outside of China are apparently at little risk, and at any rate your security is in your own hands: if you’re downloading a to-do list app and it wants access to your GPS and calling functions, that’s probably bogus.

Stay safe out there, kids.

[via Gadget Lab]