Press Releases

Browse our press release archive

01 Mar 2006

Mobile Trojan horse tries to send premium rate SMS messages

Redbrow Trojan horse is further evidence of malware written for profit

Sophos technical support
Sophos experts say that there is no need for panic.

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have urged mobile phone owners not to panic following the discovery of the first cellphone malware that tries to make money.

The Troj/Redbrow-A Trojan horse (also known as RedBrowser) runs on certain phones with support for J2ME (Java Micro Edition), posing as an application which enables cellphones without WAP capability to have WAP access. The Trojan, which is entirely in Russian language, sends a number of premium rate SMS messages, costing the user money.

"Redbrow is a Trojan horse, which means it can't spread under its own steam. This, combined with the fact that it is written entirely in Russian and only works on the Russian mobile phone network, means that most people are extremely unlikely to ever encounter it," said Graham Cluley, senior technology consultant for Sophos. "However, during the last year we have seen more and more malware being written for profit, and this is further evidence of that growing trend."

This is not the first time that Russian hackers have tried to use malware to exploit the cellphone SMS system. In late 2004, the Troj/Delf-HA Trojan horse was discovered, which helped spammers send unsolicited spam messages to mobile phones.

Sophos has received no reports of customers being affected by the Redbrow Trojan horse, and issued protection against the threat at 19:53 GMT, 28 February 2006.

Sophos continues to recommend that users exercise caution about what software they run on their computers and mobile devices, and run up-to-date security software.

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.