 |
| The Trojan horse displays skulls on infected
mobile phones. |
Sophos virus experts have advised customers not to panic,
following media reports of a Trojan horse which infects cell
phones.
The Troj/Skulls-A Trojan
horse runs on the Symbian operating system, used by mobile phones
such as the Nokia Series 60, and can display pictures of human
skulls on infected devices. However, despite excitable reports from
some members of the security community, Sophos has received no
reports from customers affected by the Trojan horse and the threat
appears to be very low.
"Some media reports have described Skulls as a virus. It isn't -
it's a Trojan, and that means that it cannot spread by itself. In
order to be infected you have to deliberately download the
malicious file from the internet and install it on your mobile
phone - even then it won't be able to spread itself to other phones
from yours," said Graham Cluley, senior
technology consultant for Sophos. "Users probably need to be more
concerned about the large number of malicious Windows worms
spreading around via email and the internet at the moment."
A message displayed at installation further reduces the chances
of mobile phone owners being unknowing infected by the malicious
Trojan code. The message, which is displayed on the mobile phone's
screen reads as follows:
Extended Theme is an advanced Theme Manager for
7610. It uses to manage, edit, & create themes using your 7610.
Tee-222 takes no responsibility for any kind of results caused by
this app. Install at your own risk. Developed by Tee-222
2004.
"Everyone should take care about running unknown or unsolicited
code on their computer - whether it be on a phone, a PDA, a desktop
or a file server," continued Cluley.
The analysis by Sophos's team of experts has revealed that the
author of the Skulls Trojan horse has threatened to write more
Trojans for mobile phones in the future. The Trojan horse drops the
following message on infected cell phones:
What is T-VIRUS? T-VIRUS is not a type of
virus, instead it is a system file, specially designed &
created for you. T-VIRUS crashes the main system of your phone, i
guess it is the right time for you to go to your service center, or
buy a new phone. Newer & higher version of T-VIRUS, coming
soon. If you have Cabir, feel free to send it to me, i'll
appriciate it very much.
The reference to "T-VIRUS" should not be confused with the the
T-Virus hoax from
earlier this year, which was started as part of a promotion for the
Resident Evil videogame.
"Mobile devices (PDAs and phones) have been theoretically
vulnerable to viruses and Trojans for some years, but there has
been very little malware written," explained Cluley. "The variation
in details such as OS version, firmware revision and device
characteristics in the mobile arena has resulted in a "moving
target" for virus writers. This is one reason why there is not
currently a large threat to mobiles from malicious code. The virus
writers seem much more interested in attacking the old faithful
target: Computers running Microsoft Windows."
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.