Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Mobile worm discovered by Fortinet

Fortinet : 20 February, 2009  (Technical Article)
Research group at Fortinet discover new worm which propagates using SMS from Symbian devices
Fortinet's FortiGuard Global Security Research Team has detected a new SMS mobile worm that has resorted to a breakthrough propagation strategy making use of SMS messages and Internet access.

This new worm, deemed SymbOS/Yxes.A!worm (also known as 'Sexy View') is reported to be currently spreading in the wild and targeting mobile devices running SymbianOS S60 3rd Edition (eg: Nokia 3250), but may run on a wider range of devices, as it has been reported to function on phones operating SymbianOS S60 3rd edition FP 1 (eg: Nokia N73). It bears a valid certificate signed by Symbian, and installs as a valid application on factory mobile devices running S60 3rd Edition.

* Once inside the phone it gathers phone numbers from the infected device's file system, and repeatedly attempts to send SMS messages to those phone numbers.
* The messages feature a malicious Web address (URL); upon 'clicking' on the address in the received message, the recipients will download a copy of the worm (provided their phones/subscriptions allow for internet browsing).

Beyond propagating to as many users as possible via the strategy mentioned above, the worm's aim is to gather personal intelligence on the infected victim (such as serial number of the phone, subscription number) and post it to a remote server likely controlled by cyber criminals. Whatever the latter may do with such information is unknown as of writing.

The full advisory can be found on the FortiGard web site and Guillaume Lovet, head of the threat research team at Fortinet is available to speak to you today to discuss the threat and what it really indicates for the next step in mobile viruses -
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo