Antivirus company warns of new Symbian Trojan
- 08 April, 2005 08:05
Antivirus company F-Secure is warning mobile phone users about a new malicious software program that infects phones that use the Symbian Series 60 operating system, preventing the phones from starting.
The Trojan horse program, dubbed Fontal.A is not a worm or virus, and would have to be downloaded by the phone's owner to infect a Symbian phone. It is just the latest example of malicious code, including worms and viruses, that target mobile devices.
Fontal.A was discovered on Wednesday and is transferred to mobile phones as an SIS format installer file called "Kill Saddam By OID500.sis," F-Secure said.
Once installed, the program damages the phone so that the phone cannot reboot. Mobile phone users who are infected with Fontal should not turn off their phone before removing the Trojan, F-Secure said. The company posted instructions for removing the Trojan from infected phones on its Web page. (See: http://www.f-secure.com/v-descs/fontal_a.shtml.)
Unlike earlier threats to mobile devices, such as the Cabir worm, Fontal does not attempt to spread from phone to phone. Phone users could only be infected by downloading the SIS file containing the Trojan from a Web site or peer-to-peer file-sharing network, F-Secure said.
Malicious programs that run on mobile platforms, such as Symbian, have become more common since Cabir, the first mobile worm, was identified in August 2004. Variants of Cabir have since spread to 16 countries, including the U.S., Japan, and France. In March, antivirus companies also identified the first mobile phone worm, CommWarrior, that spreads using MMS (Mobile Messaging Service).
Trojan horse programs have also been proliferating. In March, antivirus companies warned about the Drever.C Trojan, which infected Symbian phones and attempted to stop mobile antivirus software running on those devices.