Symbian Trojan is copy-protection gone mad
Mosquitos bite users with an SMS Dialler.
By Peter Judge, Techworld and David Watson, Computerworld New Zealand
The Mosquito Trojan, the first malware observed in the wild for the
Symbian, has turned out to be a misjudged effort at copy-protection.
Discovered just days after the alleged first Windows CE Trojan horse
was identified, Mosquito was found to be dialling a premium rate
number on Symbian phones without the owners' knowledge.
Users infected their Symbian Series 60 phones with the "Mosquito
Trojan" by running an illegal version of the game Mosquitos and then
found expensive text messages in their phone bills. The problem is a
nuisance rather than a security risk, as it does not spread from
phone to phone. So far actual Symbian viruses such as Cabir which
spreads through Bluetooth, are still at the proof-of-concept stage.
The Trojan dialler, also known as Trojan.Mquito or Mosquit-A, is not
directly the work of hackers, but was part of an early version of the
game, according to F-Secure, as reported in Infosync World. F-Secure
says the Trojan dialler was put into early versions of the game by
the maker, Ojum, with the idea that if the program detected it had
been cracked or was running on an unauthorised device, it would send
a text message to a specified number - at a premium rate, of course,
costing the user around £1.50 per call.
Unfortunately, the Trojan malfunctioned, resulting in big bills and
complaints to the company. Ojum removed it from the game, but not
before it had been copied to warez sites, and "innocent" copyright
thieves were starting to see their bills go up. Ojum has cancelled
the premium billing on the number, says F-Secure, so future texts
will only be billed as a normal text message - though that could be
quite expensive if dialled from outside the UK, where the original
version was designed to be run. "The Trojan version of the game can
be found only from pirated sources," says the F-Secure site.
"Installing such programs is not recommended in the first place."
Chris Auld, managing director of mobility software specialist
Kognition, says that threats on Symbian will be more limited than on
Windows CE. "The interesting thing to note with Symbian is that
applications, and thus worms and viruses, are generally only going to
run on a subset of all Symbian devices. Symbian doesn't have quite
the 'write once, run anywhere', story you'd get with CE, but there
are a number of devices, all on the Vodafone network, that will
potentially be affected by this issue."
He says Symbian's advice to only download software from trusted
sources is sound, but adds a note of caution about carriers requiring
too much of developers when it comes to getting applications
certified. "It's obviously important for small developers that the
bar, in terms of cost and time, isn't set too high when it comes to
having apps certified and signed," says Auld.
The game allows users to shoot mosquitos on screen in a "virtual
reality" type of atmosphere, Cracked versions have a different
version of the opening screen, with responsibility for the crack
taken by one "Soddom Bin Loader".
---
* Origin: [adminz] tech, security, support (192.168.0.2)
generated by msg2page 0.06 on Jul 21, 2006 at 19:04:05
search: