Newsfeed
Nachrichtenbote
We've an interesting mobile case to report…
One of today's samples is a trojan compiled for S60 3rd Edition phones. It's detected as Trojan:SymbOS/Yxe.A.
This is something we don't see very often. There are spy tools and other privacy threats directed at S60 3rd Edition phones, but malware is still mainly an issue on S60 2nd Edition phones.
S60 3rd Edition uses a different binary structure than 2nd Edition, and then all 3rd Edition applications must be signed. What's special about Yxe is that all evidence suggests it uses a valid Symbian Certificate.
With this certificate, the trojan was signed. And being a signed application it gains privileged access.
The source of this trojan is China.
Here you can see the language options, EN and ZH:
Did you also notice the "Sexy View" and "Play Boy"? That should give you a good idea of the Social Engineering that's being utilized.
Our mobile analysts are still working the case. We'll have more for you as it develops. On 18/02/09 At 06:14 PM
Weiterlesen...
One of today's samples is a trojan compiled for S60 3rd Edition phones. It's detected as Trojan:SymbOS/Yxe.A.
This is something we don't see very often. There are spy tools and other privacy threats directed at S60 3rd Edition phones, but malware is still mainly an issue on S60 2nd Edition phones.
S60 3rd Edition uses a different binary structure than 2nd Edition, and then all 3rd Edition applications must be signed. What's special about Yxe is that all evidence suggests it uses a valid Symbian Certificate.
With this certificate, the trojan was signed. And being a signed application it gains privileged access.
The source of this trojan is China.
Here you can see the language options, EN and ZH:
Did you also notice the "Sexy View" and "Play Boy"? That should give you a good idea of the Social Engineering that's being utilized.
Our mobile analysts are still working the case. We'll have more for you as it develops. On 18/02/09 At 06:14 PM
Weiterlesen...