SmartPhoneToday

Home | News | Reviews | Features | FREE Downloads | Forums | Compare PDA Prices | Compare SmartPhone Prices


SmartPhoneToday > News > Trojan Silences Smartphones

Trojan Silences Smartphones

By James Alan Miller
January 24, 2005

As we reported in our article Mobile Malware: The Brief History, a more hazardous time for smartphone users—filled with trojans and viruses—is upon us.

This new reality took a sinister turn this weekend with the discovery of perhaps the worst mobile trojan yet, Gavno.a. This new malware so severely disrupts the functioning of a Symbian phone, the handset can no longer make calls. Earlier threats (e.g. Skulls, Cabir, and Gear) only affected higher-level systems.

The threat—discovered by antivirus company SimWorks—is spread through a file called path.sis, which is camouflaged as a patch for a user's smartphone. SimWorks says the trojan immobilizes the handset through a malformed file to crash the operating system.

This technique is similar to the one used by last month's SEXXXY malware. Unlike SEXXXY, however, Gavno doesn't disable just one button, but rather the entire phone.

SimWorks CEO Aaron Davidson comments, "The Gavno trojan is a significant development. Until Gavno there has been nothing that you could inadvertently install on you phone that could disrupt it to the extent that you can no longer even make a phone call."

Gavno's tiny 2 kilobyte size also gives it the sinister honor of being the most destructive and smallest Symbian trojan of all.

Although SEXXXY and Gavno are similar, Davidson continues, "It is unclear whether there is any connection between the author of SEXXXY and the author of Gavno."

Since the discovery of Gavno.a, an even more insidious version of the trojan, Gavno.b, has come to light. This version uses a slightly larger install file called patch_v2.sis to bundle a copy of the Cabir and Camtimer trojans. As a result, Cabir attempts to send a copy of Gavno and Camtimer to other nearby Symbian phones via Bluetooth.

Only smartphones running the Series 60 interface on top of Symbian OS V7—the most common type of Symbian handset—are affected. UIQ-based Symbian phone users need not worry about his malware ... at least not yet.

Precautions
As a rule, it is a good idea not to accept Bluetooth messages from unknown users. You should also operate your device in hidden Bluetooth mode to avoid being infected.

You will find additional security guidelines in the following articles:

--Handheld Security: Part IV – The Mobile VPN

--Handheld Security: Part III – Evaluating Security Products

--Handheld Security: Part II - Understand Vulnerabilities

--Handheld Security: Part I - Learn the Basics

--Top 10 Items You Shouldn't Allow on Employee Unprotected PDAs (and what do about it)



Related Links:

  • Mobile Malware: The Brief History
  • Yet Another Virus Targets Smartphones
  • New Cabir Variants are Spreading Fast
  • Trojan Targets Anti-Virus Achilles Heel
  • Security Update: Skulls Hit Symbian Phones

     
     Printable Version
     Email this Story to a Friend  Add Your Opinion



    User Opinions:

       

    Be the first to add your opinion about this product
    Click HERE Now!


     Add Your Opinion  



    • PDA/Smartphone Newsletters
    text html text html
    X PDAStreet X Pocket PC Wire
    X iPhoneGuide      

    Other Personal Technology Newsletters
    X Sharky Extreme X WiFi Planet


    internet.commediabistro.comJusttechjobs.comGraphics.com

    Search:

    WebMediaBrands Corporate Info

    Legal Notices, Licensing, Reprints, Permissions, Privacy Policy.
    Advertise | Newsletters | Shopping | E-mail Offers | Freelance Jobs