Friday, July 17, 2009

Trend Micro warns of new worm for Symbian OS

Symbos_Yxes.B spreads via SMS. He holds a valid certificate from Symbian. After an infection, he steals serial number and participant ID and sends the data to a server on the Internet. Trend Micro has a new worm for Symbian OS and warned of the spread by SMS. The Symbos_Yxes.B-called malware can be manipulated via a website on a mobile phone that will unlock a user supposedly legitimate application as Symbian ACSServer.exe information source file (SIS) to download offers.

The malware bypasses an important safeguard for the mobile operating system. Symbian OS only allows the installation of signed applications. The certificates are issued by Symbian Signed, which is now part of the Symbian Foundation. Symbos_Yxes.B has, like the previous variant A, has a valid signature. After installing the malware steals, who is himself "Sexy Space" called, information like the serial number and IMEI Subscriber Identity IMSI, and sends them to a server on the Internet. In addition, the worm sends out SMS messages to the contacts of a user to continue to spread. The text of the SMS, he also receives from the server.

"In other words, there seems to be a botnet from mobile phones to act," wrote Trend Micro spokesman Jonathan Leopando in a blog entry. Worse, however, that the Variaten A and B of Symbos_Yxes have a valid signature that really meant
was detected pests. "There may be a random act, but the incident is not just strengthens the confidence in the signature system."

No comments: