Sunday, October 15, 2006

Redbrowser.A on Java!

The first J2ME trojan has been found.
Its name is Redbrowser.A (Trojan-SMS.J2ME.RedBrowser.a). Redbrowser.A is a J2ME-based Java MIDlet that sends SMS messages to a specific number.

Redbrowser pretends to be a WAP browser that offers free WAP browsing, using free SMS messages to send the WAP page contents. What Redbrowser actually does is send SMS messages to one specific number, which may cause financial losses to the user.

Redbrowser claims to send free SMS messages as part of its normal operation in order to fool the user into granting the application permission to use Java SMS capabilities on phones that require permission from the user before sending SMS messages. This claim of free service is a form of social engineering.
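A defender can check before installation whether a MIDlet suite that presents itself as a browser is able to send SMS at all. The following is an added example, not code from the original post or from F-Secure: it scans a JAR for declared MIDP SMS permissions and for class files that reference the Wireless Messaging API. The sample JAR, its `FreeWapBrowser` name and its class contents are constructed for illustration and are not taken from Redbrowser.A.

```python
import io
import zipfile

# Byte markers found in class constant pools that use the Wireless Messaging API or SMS URLs.
SMS_MARKERS = (b"javax/wireless/messaging/", b"sms://")
# MIDP 2.0 permission names that cover opening an SMS connection and sending a message.
SMS_PERMISSIONS = {"javax.microedition.io.Connector.sms", "javax.wireless.messaging.sms.send"}

def parse_manifest(text):
    """Parse 'Name: value' attributes, joining continuation lines (leading space)."""
    attrs, last = {}, None
    for line in text.splitlines():
        if line.startswith(" ") and last:
            attrs[last] += line[1:]
        elif ":" in line:
            name, _, value = line.partition(":")
            last = name.strip()
            attrs[last] = value.strip()
    return attrs

def audit_midlet_jar(jar_bytes):
    """Return declared SMS permissions and the class files that reference SMS APIs."""
    findings = {"declared_sms_permissions": [], "classes_using_sms": []}
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as jar:
        for name in jar.namelist():
            data = jar.read(name)
            if name.upper() == "META-INF/MANIFEST.MF":
                attrs = parse_manifest(data.decode("utf-8", "replace"))
                for key in ("MIDlet-Permissions", "MIDlet-Permissions-Opt"):
                    perms = {p.strip() for p in attrs.get(key, "").split(",")}
                    findings["declared_sms_permissions"] += sorted(perms & SMS_PERMISSIONS)
            elif name.endswith(".class") and any(m in data for m in SMS_MARKERS):
                findings["classes_using_sms"].append(name)
    return findings

def build_sample_jar():
    """Constructed sample: a 'browser' suite whose main class references the SMS API."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        jar.writestr("META-INF/MANIFEST.MF",
                     "MIDlet-Name: FreeWapBrowser\n"
                     "MIDlet-Permissions: javax.microedition.io.Connector.http,\n"
                     " javax.wireless.messaging.sms.send\n")
        jar.writestr("Browser.class", b"\xca\xfe\xba\xbe...javax/wireless/messaging/MessageConnection")
        jar.writestr("Ui.class", b"\xca\xfe\xba\xbe...javax/microedition/lcdui/Form")
    return buf.getvalue()

if __name__ == "__main__":
    print(audit_midlet_jar(build_sample_jar()))
```

A suite may use the SMS API without declaring the permission and rely on the runtime prompt instead, so the class-reference result is the more dependable of the two signals.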

The social engineering texts used in Redbrowser.A are in Russian, which limits the trojan to Russian-speaking countries.

F-Secure Mobile Anti-Virus is capable of detecting and deleting the Redbrowser.A trojan. It is also possible to remove the Redbrowser.A trojan by uninstalling it with the Symbian application manager.

F-Secure Corporation
