Feeds

'Sexy View' SMS malware targets Symbian devices

Signed, Sealed, Delivered (You're pwned)

Choosing a cloud hosting partner with confidence

Bad sorts have created a malware targeted at Symbian mobile phones that comes signed with an apparently valid Symbian Certificate.

Because it is signed the application can potentially gain privileged access, net security firm F-secure warns. The malware is also unusual because it is targeted at S60 3rd Edition phones, instead of the more common target of 2nd edition phones.

The Yxe-A Trojan originates in China and is packaged up with names such as "Sexy View" and "Play Boy", providing an indication that social engineering trickery plays a part in pushing the code. F-Secure describes the malware as a Trojan but other vendors describe it as a worm, in recognition of the discovery of what might be described as auto-spreading capabilities.

Security researchers at Fortinet report that the malware (which it calls the Yxes-A worm) harvests phone numbers from an infected device's file system, and repeatedly attempts to send SMS messages to these mobile numbers. These SMS messages direct surfers to a maliciously constructed website. When users of vulnerable devices "click" on the address in received messages, an attempt to download a copy of the malware will occur.

Fortinet adds that the malware gains information on the infected victim (such as serial number of the infected phone, subscription number etc) and posts this data to a remote server likely controlled by cyber criminals. It's unclear how many users have fallen victim to the attack or its ultimate motives.

Analysis of the malicious code remains ongoing. ®

Beginner's guide to SSL certificates

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.