New Trojan horse gallops onto Symbian OS
Smartphone users are being put on high alert after the identification of a new security threat that inhabits the Symbian OS and spreads trouble via Bluetooth.
Smartphone users are being put on high alert after the identification of a new security threat that inhabits the Symbian OS and spreads trouble via Bluetooth. According to security specialist SimWorks International, which has issued the alert, the new malware takes the form of a Trojan horse named MetalGear.a. This impersonates a Symbian version of the popular adventure game Metal Gear Solid.
Once installed on a user’s smartphone, MetalGear.a disables any antivirus programs it finds. It also installs the Cabir worm, which in turn then busies itself attempting to spread a second Trojan called SEXXXY to nearby phones using wireless Bluetooth technology.
"This is a new strand of smartphone malware because it actually consists of three pieces: two Trojans and a worm," said Aaron Davidson, chief executive officer of SimWorks. Davidson went on to explain how the MetalGear.a Trojan is distributed; via free ‘cracked’ game downloads. Users must therefore be wary about downloading cracked versions of games, as these are often used by virus writers to help threats such as Trojans make the leap onto devices. If users download the fake Metal Gear game and then install this on their Symbian device, that is all it takes for their smartphone to become infected.
The arrival of MetalGear.a shows how sophisticated virus writers targeting handhelds are becoming. It follows hot on the heals of a similar threat, the so-called ‘Skulls Trojan’, which was identified last month. Skulls uses the same icon-disabling technique as MetalGear to nullify antivirus and other applications.
Cabir first appeared in June this year after it was created by a group of eastern European virus writers to warn how worms could be used to penetrate mobile phones. At the time the worm had no malicious code attached and was only sent to Russian antivirus firm Kaspersky Labs as a proof of concept, however since June it has been utilised by virus writers keen on targeting handheld devices.