 |
| The Trojan horse displays skulls on infected mobile phones. |
Sophos virus experts have advised customers not to panic, following media reports of a Trojan horse which infects cell phones.
The Troj/Skulls-A Trojan horse runs on the Symbian operating system, used by mobile phones such as the Nokia Series 60, and can display pictures of human skulls on infected devices. However, despite excitable reports from some members of the security community, Sophos has received no reports from customers affected by the Trojan horse and the threat appears to be very low.
"Some media reports have described Skulls as a virus. It isn't - it's a Trojan, and that means that it cannot spread by itself. In order to be infected you have to deliberately download the malicious file from the internet and install it on your mobile phone - even then it won't be able to spread itself to other phones from yours," said Graham Cluley, senior technology consultant for Sophos. "Users probably need to be more concerned about the large number of malicious Windows worms spreading around via email and the internet at the moment."
A message displayed at installation further reduces the chances of mobile phone owners being unknowing infected by the malicious Trojan code. The message, which is displayed on the mobile phone's screen reads as follows:
Extended Theme is an advanced Theme Manager for 7610. It uses to manage, edit, & create themes using your 7610. Tee-222 takes no responsibility for any kind of results caused by this app. Install at your own risk. Developed by Tee-222 2004.
"Everyone should take care about running unknown or unsolicited code on their computer - whether it be on a phone, a PDA, a desktop or a file server," continued Cluley.
The analysis by Sophos's team of experts has revealed that the author of the Skulls Trojan horse has threatened to write more Trojans for mobile phones in the future. The Trojan horse drops the following message on infected cell phones:
What is T-VIRUS? T-VIRUS is not a type of virus, instead it is a system file, specially designed & created for you. T-VIRUS crashes the main system of your phone, i guess it is the right time for you to go to your service center, or buy a new phone. Newer & higher version of T-VIRUS, coming soon. If you have Cabir, feel free to send it to me, i'll appriciate it very much.
The reference to "T-VIRUS" should not be confused with the the T-Virus hoax from earlier this year, which was started as part of a promotion for the Resident Evil videogame.
"Mobile devices (PDAs and phones) have been theoretically vulnerable to viruses and Trojans for some years, but there has been very little malware written," explained Cluley. "The variation in details such as OS version, firmware revision and device characteristics in the mobile arena has resulted in a "moving target" for virus writers. This is one reason why there is not currently a large threat to mobiles from malicious code. The virus writers seem much more interested in attacking the old faithful target: Computers running Microsoft Windows."
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.