Computer Crime Research Center


New Trojan for mobile phones

Date: April 07, 2005
Source: Computer Crime Research Center
By: CCRC staff

A new Trojan horse hitting Symbian 60 Series handsets makes the phones useless until they're reformatted, deleting all the stored data, a Finnish security firm said Wednesday.

A new Trojan horse hitting Symbian 60 Series handsets makes the phone useless until it's reformatted, deleting all the stored data, said a Finnish security firm Wednesday.

F-Secure said that the Fontal.a Trojan installs a corrupted font file into targeted handsets, causing them to fail at startup. Rebooting the phone by turning it off, then on, only compounds the problem, since the phone then essentially locks up.

Other Trojan horses, or applications that appear to be legitimate but perform illicit activity when they are run, have found their way into smart phones. But unlike the CommWarrior Trojan, Fontal.A does not propagate over Bluetooth wireless networking connections or Multimedia Message Service, which is a mobile technology for sending text messages that can also include images, audio or video. Instead, it is distributed via file-sharing or IRC (Internet relay chat).

Fontal.A tries to install a corrupted file, called "Kill Saddam By OID500.sis," into the infected device, causing it to fail at the next reboot, F-Secure said. If the handset is rebooted, it gets stuck and can't be used until it is disinfected.

The Trojan also damages the application manager, preventing new programs from being installed and stopping the Trojan itself from being uninstalled. The only fix is to reformat the phone. However, doing this causes all data on the handset to be lost, F-Secure said.

The company suggested that the way to avoid Fontal.A and other Trojans is to download files only from known or trusted sources.

Add comment  Email to a Friend

Discussion is closed - view comments archieve
2005-12-14 04:38:02 - I'm thankful that I happen to search for... Renalyn
2005-09-17 15:55:19 - Thank you very much! Gaane
Total 2 comments
Copyright © 2001-2013 Computer Crime Research Center
CCRC logo