Feeds

Symbian Trojan drains the life from phones

Warez doodz beware

  • alert
  • submit to reddit

Reducing security risks from open source software

Virus writers have created a new Symbian Trojan called Doomboot-A that loads an earlier mobile virus (Commwarrior-B) onto vulnerable smartphones. Doomboot-A also preventing infected phones from booting up properly. This cocktail of viral effects spells extra trouble for Symbian Series 60 smartphone users, especially those who play around with pirated games.

"Doomboot-A causes the phone not to boot anymore and Commwarrior causes so much Bluetooth traffic that the phone will run out of battery in less than one hour. Thus the user who gets his phone infected with Doomboot-A has less than one hour to figure out what is happening and disinfect his phone, or he will lose all data," writes Jarno Niemela, a researcher at Finnish anti-virus firm F-Secure.

"And what makes matters worse is that the Doomboot-A installation does not give any obvious clues that something is wrong, and Commwarrior-B does not have icon and is not visible in the process list. So the installation of Doomboot-A looks very much like failed installation of pirate copied game, and [a] user has hard time noticing that something bad is happening," he added.

Although several mobile Trojans have been used to spread the Cabir worm, Doomboot-A is the first Trojan to drop Commwarrior. Commwarrior-B can spread by both MMS and Bluetooth messages so it's nastier than Cabir, which only spreads using Bluetooth.

Doomboot-A, like most Symbian Trojans, poses as a pirate copy of a Symbian game (in this case Doom 2). Users who avoid pirated games or applications should be safe from infection.

Like all mobile malware threats to date, Doomboot-A is rare and largely a risk confined to people downloading content from dodgy sources. Mobile viruses, though still a threat, are much harder to catch than conventional Windows viruses. ®

Related stories

Mobile Trojan kills smart phones
Text me and I'll reply with a virus
Users untouched by mobile viruses despite hype
Mobile botnet threat downplayed

Mobile application security vulnerability report

More from The Register

next story
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Microsoft: You NEED bad passwords and should re-use them a lot
Dirty QWERTY a perfect P@ssword1 for garbage websites
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
Crooks fling banking Trojan at Japanese smut site fans
Wait - they're doing online banking with an unpatched Windows PC?
NIST told to grow a pair and kick NSA to the curb
Lrn2crypto, oversight panel tells US govt's algorithm bods
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.