Language:
Virus Alerts
renew your license


Mobile Alerts

FlexiSpy
CommWarrior.B ES
Crossover
RedBrowser.A
•Cardtrp A
•Doomboot.A
•BlueBugging
BlueSnarfing
Brador
Cabir
CommWarrior
Dampig
Drever
Duts
Fontal
Gavno
Hobbes
Lasco
Locknut
Mabir
Metal Gear
Mosquitos
Skulls

New Symbian Trojan Found-Doomboot.A
07.01.05 - A new Symbian trojan called Doomboot.A has been found. Doomboot.A is a trojan
that installs Commwarrior.B onto your Symbian phone and disrupts phone functionality in a new way.

The full story >>
New Skulls.L Variant Poses as Anti-Virus Software
06.15.05 - The new Skulls.L variant, discovered yesterday, poses as a cracked copy of F-Secure's anti-virus software. The Skulls trojan disables key functions of your phone and replaces icons with a menacing skull.

The full story >>
 LATEST THREATS....
FlexiSpy - 03/30/2006

FlexiSpy is a Symbian OS based trojan that records phone calls and SMS messages and sends them to a remote server. It is meant to be an actual application that is designed for this purpose. But it runs stealthily without an indication of its purpose and hence is classified as a trojan.

 
Commwarrior.B variant - 03/07/2006

This worm is a minor variant of Commwarrior.B localized to Spanish. All the messages used by Commwarrior to spread is translated to Spanish by this variant. This is already detected by SMobile as a Generic Commwarrior.

 
Crossover - 3/1/2006

This Trojan cross-infects mobile devices from a PC. When executed from Win32, the Trojan checks what version the current OS is; if it is not Windows CE or Windows Mobile, the virus makes a copy of itself and puts a startup command in the registry key of local-machine-current-version-run. The trojan then quietly waits for an ActiveSync connection to be detected; it can wait indefinitely. When an ActiveSync connection is detected, the trojan automatically copies itself to the handheld device and remotely executes the trojan. The handheld device is now infected. The Trojan will then begin to delete documents on the handheld. Not known to be in the wild.

This explanation is taken from http://www.informit.com/articles/article.asp?p=458169&seqNum;=3 published by MobileAV.org

 
RedBrowser.A - 03/01/2006

A Trojan which is a J2ME based midlet. It sends SMS messages to a particular phone number, resulting in the user having to pay for the messages. It masquarades itself by pretending to allow access to WAP sites using SMS messages. However, each time the SMS message is sent to the same number: 1615. This malware is completely in Russian, which might make the possibility of it affecting other countries low.
 
Symbos_cardtrp.a

Trend said the Symbos_cardtrp.a virus originated in Symbian Series 60 mobile phones and could spread to PCs running Windows.

Mobile devices can be infected in three ways. As with other mobile viruses reported...

... in recent months, mobile phones can be infected via Bluetooth short-range wireless links from other devices or via MMS (multimedia messaging service) messages sent over mobile networks.

Users can also become infected by downloading malware onto their phones from the web.
 
Doomboot.A - For release July 1, 2005

A new Symbian trojan called Doomboot.A has been found. Doomboot.A is a trojan
that installs Commwarrior.B onto your Symbian phone and disrupts phone functionality in a new way.

Doomboot.A drops Symbian ETEL ROM binaries to the C:\ folder of the device. Doomboot.A is the first malware to drop Commwarrior.B on the a device. These ROM binaries cause the device to fail at the next boot and the device stays in a reboot loop.
 

  ARCHIVED THREATS...
BlueBugging
The exploitation of Bluetooth vulnerability to hack into your phone, pda, or wireless network to steal data.
  • BlueBugging article @ PC World
  • BlueBugging article @ Scientific American
  • BlueBugging article @ the Bunker
BlueSnarfing
The exploitation of Bluetooth vulnerability to hack into your phone, pda, or wireless network to steal data, destroy information, send SMS messages, or make calls.
Brador
Brador is a backdoor trojan affecting Pocket PC devices. Once installed, the device locks up and allows the virus creator to enter your device through a backdoor where they can steal data, download files, and even upload more malicious code.
  • Brador article @ PC World
  • Brador article @ Techtree
  • Brador article @ Techworld
Cabir
Cabir, a series 60 trojan, has shown itself in many variants. Originally a proof-of-concept worm, Cabir has recently appeared in the wild, even making its way to the US. Cabir spreads itself via Bluetooth, draining battery life by constantly searching for nearby devices.
CommWarrior
CommWarrior, a Series 60 trojan, is the first virus to make use of MMS messaging. CommWarrior runs silently in the background sending costly MMS messages at random intervals and also attempts to spread itself to nearby devices via Bluetooth.
Dampig
Disguised as a cracked version of the popular FSCaller application, Dampig installs several Cabir variants, corrupts uninstall data, and disables major applications, address books, and file managers.
Drever
Disguised as a Series 60 patch/update, the Drever trojan, once installed, crashes critical system components, disables anti-virus software, and prevents any application from being launched, locking the phone.
  • Drever article @ PhoneMag
Duts
From the creators of the Cabir virus, Duts is the first virus attacking the Pocket PC operating system, infecting .exe files.
Fontal
Fontal, a Series 60 trojan posing as legitimate software, installs a corrupted font file that disables your phone on reboot--a complete system wipe is required, losing all data stored on the device.
Gavno
Gavno, a Series 60 trojan posing as a Symbian OS patch, disables call functions virtually rendering your phone useless. Later variants of Gavno also included copies of Cabir.
Hobbes
Hobbes, a trojan affecting some Series 60 devices, disables applications upon phone reboot. Hobbes poses as Symantec anti-virus software to trick users into installing.
Lasco
Lasco is the first Series 60 virus able to infect Symbian SIS files. Similar to Cabir, Lasco attempts to replicate itself to nearby devices via Bluetooth.
  • Lasco article @ Virus.org
  • Lasco article @ PC World
  • Lasco article @ New Scientist
Locknut
Locknut, a Series 60 trojan similar to Gavno, blocks applications from launching and also installs variants of Cabir which then attempt to replicate themselves via Bluetooth.
  • Locknut article @ PhoneMag
Mabir
Mabir, a new Series 60 trojan from the original Cabir author, is another virus to make use of MMS. Whenever an infected phone receives an MMS or SMS, Mabir sends itself to the sender's phone, posing as a reply. Mabir also uses Bluetooth to attempt further spreading.
Metal Gear
Posing as the popular video game "Metal Gear Solid," this Series 60 trojan has a dual attack. It first disables anti-virus software, blocks file explorers and other applications from being launched, then installs variants of Cabir and spreads itself via Bluetooth.
Mosquitos
One of the first malicious Symbian trojans, Mosquitos poses as a game but instead installs code that repeatedly sends out costly SMS messages.
  • Mosquitos article @ Silicon
  • Mosquitos article @ PC World
Skulls
One of the most visible Symbian trojans, upon installation Skulls disables all Symbian applications and replaces the icons with a malicious-looking skull. Removal can only be completed by a hard-reset of your phone.
  • Skulls.L article @ ZDNet UK
  • Skulls article @ C|Net
  • Skulls article @ ComputerWorld
  • Skulls article @ eWeek
Privicy Policy Ι Solutions Ι News Ι About Us Ι Sitemap

©2006 SMobile Systems
2020 Leonard Ave. • Columbus, Ohio 43219 • 1-866-323-0480