- Jul 29, 2001
- 15,200
- 10
- 81
Security vendors Symantec recently listed a new batch of Trojan horse apps spreading on Symbian smartphone devices. All three of them are capable of seriously disrupting the operations on Symbian devices, especially those running on Series 60 platform. Hence, users are advised to beware of loading .sis files from unknown sources.
The first Trojan, identified as SymbOS.Sendtool.A, drops a hacktool that can be used to send malicious programs, such as variants of the SymbOS.PBStealer family of Trojans, to other mobile devices via Bluetooth. This Trojan horse arrives on the compromised device as Fspreader.SIS.
SymbOS.Pbstealer.D, sends the user?s contact information database, Notepad, and Calendar To Do list to other Bluetooth-enabled devices. It has been reported that this Trojan arrives on the compromised device as ChattingYuk.SIS or PBCompressory.SIS.
The third Trojan, known as SymbOS.Bootton.E, restarts the mobile device when executed. However, as it also drops corrupted components, the device is unable to restart. This Trojan reportedly arrives as Restart.S60.SIS.
Symantec also claimed that once the user opens any of the above .sis file, the device Installer will display a dialog box to warn the user that the application may be coming from an untrusted source and may cause potential problems.
Recommendations and removal instructions provided by Symantec.
The first Trojan, identified as SymbOS.Sendtool.A, drops a hacktool that can be used to send malicious programs, such as variants of the SymbOS.PBStealer family of Trojans, to other mobile devices via Bluetooth. This Trojan horse arrives on the compromised device as Fspreader.SIS.
SymbOS.Pbstealer.D, sends the user?s contact information database, Notepad, and Calendar To Do list to other Bluetooth-enabled devices. It has been reported that this Trojan arrives on the compromised device as ChattingYuk.SIS or PBCompressory.SIS.
The third Trojan, known as SymbOS.Bootton.E, restarts the mobile device when executed. However, as it also drops corrupted components, the device is unable to restart. This Trojan reportedly arrives as Restart.S60.SIS.
Symantec also claimed that once the user opens any of the above .sis file, the device Installer will display a dialog box to warn the user that the application may be coming from an untrusted source and may cause potential problems.
Recommendations and removal instructions provided by Symantec.