|
|
|
|
|||
| Home | News | Reviews | Features | Tips | Mobile Product Watch | Forums | |||
|
As we reported in our article Mobile Malware: The Brief History, a more hazardous time for smartphone users—filled with trojans and viruses—is upon us. This new reality took a sinister turn this weekend with the discovery of perhaps the worst mobile trojan yet, Gavno.a. This new malware so severely disrupts the functioning of a Symbian phone, the handset can no longer make calls. Earlier threats (e.g. Skulls, Cabir, and Gear) only affected higher-level systems. The threat—discovered by antivirus company SimWorks—is spread through a file called path.sis, which is camouflaged as a patch for a user's smartphone. SimWorks says the trojan immobilizes the handset through a malformed file to crash the operating system. This technique is similar to the one used by last month's SEXXXY malware. Unlike SEXXXY, however, Gavno doesn't disable just one button, but rather the entire phone. SimWorks CEO Aaron Davidson comments, "The Gavno trojan is a significant development. Until Gavno there has been nothing that you could inadvertently install on you phone that could disrupt it to the extent that you can no longer even make a phone call." Gavno's tiny 2 kilobyte size also gives it the sinister honor of being the most destructive and smallest Symbian trojan of all. Although SEXXXY and Gavno are similar, Davidson continues, "It is unclear whether there is any connection between the author of SEXXXY and the author of Gavno." Since the discovery of Gavno.a, an even more insidious version of the trojan, Gavno.b, has come to light. This version uses a slightly larger install file called patch_v2.sis to bundle a copy of the Cabir and Camtimer trojans. As a result, Cabir attempts to send a copy of Gavno and Camtimer to other nearby Symbian phones via Bluetooth. Only smartphones running the Series 60 interface on top of Symbian OS V7—the most common type of Symbian handset—are affected. UIQ-based Symbian phone users need not worry about his malware ... at least not yet.
Precautions You will find additional security guidelines in the following articles: --Handheld Security: Part IV – The Mobile VPN --Handheld Security: Part III – Evaluating Security Products --Handheld Security: Part II - Understand Vulnerabilities --Handheld Security: Part I - Learn the Basics
--Top 10 Items You Shouldn't Allow on Employee Unprotected PDAs (and what do about it)
|
The Network for Technology Professionals
Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | E-mail Offers
|
Video: How System Center Helps Reduce IT Costs IBM Cloud Computing for Developers Virtual Event, April 6-8 |
Microsoft Video: OCS and Exchange: Platform Futures MORE WEBCASTS, PODCASTS, AND VIDEOS |
