New Trojan threatens Symbian smart phones

A new Trojan horse aimed at smart phones using the Symbian operating system was launched earlier this week, just in time to spoil the holiday season for uninformed wireless gamers.

The malware, MetalGear.a, which masquerades as a Symbian version of the Metal Gear Solid game, disables antivirus programs and installs a version of the Cabir worm, which was identified earlier this year, according to SimWorks International Ltd., which issued an alert on Tuesday.

The Cabir worm, in turn, attempts to spread a second Trojan program, called SEXXXY.sis, to nearby phones through the Bluetooth short-range wireless protocol. If users accept and install this file, it disables the Symbian application button on their phones.

"This is a new strand of smart phone malware because it actually consists of three pieces: two Trojans and a worm," said Aaron Davidson, CEO of SimWorks, in a telephone interview today from the company's headquarters in Auckland. "It also shows how viruses writers are getting more sophisticated."

So far, Trojan horses, worms and viruses aimed at smart phones have failed to spread rampantly. Their propagation has been hindered by the need for users to accept and install programs.

To infect their phones, users must open and install the fake Metal Gear game, Davidson said. "There are plenty of Web sites offering cracked versions of games," he said. "These sites are used not only by people seeking free software, but also by virus writers."

Like the Skulls Trojan detected last month (see story), the MetalGear Trojan uses an icon-disabling technique to disable antivirus and other applications.

If users install the MetalGear Trojan program, they will have difficulty repairing their phones because the program effectively disables all tools on the phone necessary to undo the damage, Davidson said.

The MetalGear and SEXXXY Trojan programs are included in a program called Metal Gear.sis.

Antivirus software from SimWorks has been updated to provide protection from both Trojan horse programs, Davidson said.

Copyright © 2004 IDG Communications, Inc.

Shop Tech Products at Amazon