Symbian Signed Trojan out in the Wild – SYMBOS_YXES.B (Sexy Space)
If you were wondering why there are Virus Scanners for Symbian mobiles, here’s one reason.
In order for applications to be installed on your Symbian mobile phones, they have to signed by the Symbian Foundation. This should reduce the risk of malware on your mobile, you may say. But it looks like they’ve slipped up here. They’ve inadvertently signed two trojans(SYMBOS_YXES.B and SYMBOS_YXES.A) , which allows them to be installed on the phone with no certificate security errors. Trend Micro had found these out there in the wild, and state the following:
In the past few days, Trend Micro has encountered a new threat for Symbian devices, detected as SYMBOS_YXES.B. According to Marianne Mallen, Escalation Engineer in TrendLabs, it posts as the legitimate application ACSServer.exe and calling itself Sexy Space, it steals the user’s subscriber, phone, and network information, and connects to a website in order to send the said information. In addition, it can also send spammed SMS messages to the user’s contacts. (The content in the said messages is acquired from the website it connected to earlier.) Read more from Trend Micro.
If you’re getting complaints from your friends about you sending them spam, you’re better off getting your phone scanned for this virus.
Symbian has to improve on their tests of the application before they sign the application. Slip-ups like this is surely going to dent the user’s already deteriorating view of the Symbian mobile platform.