Symbian Signed Trojan out in the Wild – SYMBOS_YXES.B (Sexy Space)

Tuesday 21st, July 2009 / 20:45 Written by

VirusIf you were wondering why there are Virus Scanners for Symbian mobiles, here’s one reason.

In order for applications to be installed on your Symbian mobile phones, they have to signed by the Symbian Foundation. This should reduce the risk of malware on your mobile, you may say. But it looks like they’ve slipped up here. They’ve inadvertently signed two trojans(SYMBOS_YXES.B and SYMBOS_YXES.A) , which allows them to be installed on the phone with no certificate security errors. Trend Micro had found these out there in the wild, and state the following:

In the past few days, Trend Micro has encountered a new threat for Symbian devices, detected as SYMBOS_YXES.B. According to Marianne Mallen, Escalation Engineer in TrendLabs, it posts as the legitimate application ACSServer.exe and calling itself Sexy Space, it steals the user’s subscriber, phone, and network information, and connects to a website in order to send the said information. In addition, it can also send spammed SMS messages to the user’s contacts. (The content in the said messages is acquired from the website it connected to earlier.) Read more from Trend Micro.

If you’re getting complaints from your friends about you sending them spam, you’re better off getting your phone scanned for this virus.

Symbian has to improve on their tests of the application before they sign the application. Slip-ups like this is surely going to dent the user’s already deteriorating view of the Symbian mobile platform.

Image by twenty_questions via Flickr
Reblog this post [with Zemanta]

About the author

Vinu is a Technical Architect working on Web technologies and a mobile enthusiast, who likes trying out new gadgets and apps. You can follow him on Twitter @vinuthomas

View all articles by Vinu Thomas

Leave us a Comment

Search

Sign up for Email Updates

Get the latest articles from My Portable World directly in your inbox. You can unsubscribe at any time using the link below the subscribe button.
* = required field
badge