Trojan targets basic Java phones
PrintFrom Russia without love
Posted in Software & Security, 28th February 2006 16:39 GMT
Free whitepaper – What Exchange can't do - and Dell can
Ne'er-do-wells have created a Trojan that can infect mobiles phones running Java applications. RedBrowser-A infects not only smart phones, but any mobile phone capable of running Java (J2ME) applications, according to Russian anti-virus firm Kaspersky Lab.
The mobile malware poses as a program called RedBrowser that supposedly allows surfers to visit WAP sites without using a WAP connection. According to the blurb, this access is possible by sending and receiving free SMS messages. In reality, the Trojan sends text messages to premium rate numbers, costing users between $5 and $6 per SMS.
The Trojan is a Java application in the form of a JAR format archive, sometimes called "redbrowser.jar" that's 54,482 bytes in size. It can be downloaded to the victim handset either after downloading it onto a PC and subsequently transferring it onto a handset, or downloading it directly from a WAP site. Fortunately, however you get it, the malware is easily removed from the victim handset using standard utilities already installed on the telephone.
So far, Kaspersky Lab has only received one sample of RedBrowser, which targets subscribers of Beeline, MTS, and Megafon, Russia's largest mobile service providers. However, the appearance of the low-risk malware might encourage virus writers to develop similar programs. Mobile phone users in Russia and beyond are advised to resist any temptation to download and run unknown programs via the internet.
Kaspersky Lab senior technology consultant David Emm said: "This latest virus represents a natural progression for virus writers, who are constantly seeking to extend their reach by spreading infections via as many platforms as possible. One thing's for sure - RedBrowser may be the first of its kind, but it certainly won't be the last." ®
Free whitepaper – Straight Talk with Dell: Sending out an SaaS
Analyst Keynote: The Register Agile Data Center Summit
What Exchange can't do - and Dell can
The business value of SIP VoIP and trunking
Seven ways to optimize VMware server virtualization
Sign up, sign up for The Register IT security newsletter
Microsoft's Windows 7 price gamble - and why it's flawed
Managing Desktop Software for fun and profit
Intel's flash new SSDs hit by bugs