SymbOS/Mquito.A!tr
Analysis
Specifics
This proof-of-concept dialer Trojan is coded for Nokia
series 60 phones and uses SMS to dial pay-per-text numbers.
This Trojan will only exist on Symbian-based phones
if the user downloads and installs the Trojanized version
of the game "Mosquito" (aka Mosquito v2.0).
It is coded for Symbian OS and ARM processors - the Trojan exists as the file "Mosquitos.app", and when installed it is in this location -
!:\system\apps\Mosquitos\Mosquitos.app
The Trojanized version may exist on P2P file sharing environments or other web sites within an installation file "Mosquitos.sis", with a file size of 140,597 bytes. Extracted, the Mosquito application is 267,852 bytes.
"Mosquito" is a game which enables the player to clobber the same named insect incorporating use of the camera built into the applicable phone. The game runs on Symbian-based phones. During game-play, the Trojan may send SMS messages to any of these pay-per-text numbers -
4636
9222
33333
87140
Miscellaneous
This Trojan contains comments which are not displayed
on the phone but exist in the code body -
This version
has been
cracked by
SODDOM BIN LOADER
No rights reserved.
Pirate copies
are illegal
and offenders will have
lotz of phun!!!
Recommended Action
- Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option
- Do not accept unsolicited applications which may be received by Infrared or other means
Telemetry
Detection Availability
FortiGate | |
---|---|
FortiClient | |
FortiAPS | |
FortiAPU | |
FortiMail | |
FortiSandbox | |
FortiWeb | |
Web Application Firewall | |
FortiIsolator | |
FortiDeceptor | |
FortiEDR |