 The Skulls Trojan horse changes system icons, disabling all but phone functions.
Photo: F-Secure |
The program, dubbed "Skulls" by antivirus companies, is disguised as a theme manager for Nokia phones in the Symbian Installation System format, said Mikko Hypponen, director of antivirus research for software maker F-Secure.
Only a few people have managed to run across the program on the Web and then downloaded and run the Trojan horse, he said.
"We are not talking about a huge amount of infected people, and it is not a virus, so it is not spreading," Hypponen said.
The program is the latest threat to affect mobile phones and PDAs. Earlier this month, a program called Delf infected PCs in order to send spam to mobile phone users in Russia. Two other malicious programs--Mosquito and Cabir--were also aimed at infecting phones that use the Symbian operating system. The creators of Cabir even created a version that attempts to infect Windows CE devices.
Like the latest threat, none of the cell-phone attacks have yet amounted to much.
When run, the Skulls program breaks all the links to Symbian system applications and replaces the icons with images of skulls. Third-party applications are not affected, Hypponen said, allowing users that have installed a non-Symbian file manager to actually find and delete the malicious program files, cleaning the phone.
For users that have no third-party file manager, the only current fix appears to be a hard reset, which will leave the phone in its default factory condition. Unfortunately, this fix will also delete any user data.
"In practice, it is difficult to clean the phone," Hypponen said. "You can't go online, you can't download fixing programs, you can't beam anything to the phone."
While the program can cause some headaches, it is not a significant threat.
Still, it is a signpost indicating the direction that virus writers could be headed, said Vincent Weafer, senior director for security response at Symantec, a maker of antivirus software.
"It does no permanent damage," he said. "But it does mean that people are investing time in investigating the possibilities" for infecting and damaging mobile phones, he said.
Play video
There are currently no comments for this post.