I had already seen mobile malware SMS messages with a malicious URL inside (e.g. SymbOS/Yxes), or MMS messages (e.g. SymbOS/Album.A!tr, SymbOS/Beselo!worm…) with a malicious attachment. However, I had never noticed a piece of mobile malware sending a WAP Push SMS (special SMS messages typically used to send ringtones, wallpapers, OTA provisioning, etc.). The recent SymbOS/NMPlugin.A!tr does [...]
by Axelle Apvrille | August 3, 2010 at 11:52 pm
Lately, I have been analyzing a sample of SymbOS/Album.A!tr, another advanced malware targeting mobile phones running Symbian OS 9 and greater. First of all, once more, like SymbOS/Yxes, this malware was “legitimately” signed by Symbian’s Express Signed program. The certificate is now revoked:
Serial Number: c8:8e:00:01:00:23:db:45:38:bc:e7:2a:d3:03
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=GB, O=Symbian Limited, CN=Symbian CA [...]
by Axelle Apvrille | July 8, 2010 at 2:05 am
Want to impress friends with eccentric ways to send SMS messages? This article is for you. As a matter of fact – and closer to the official goal – this article can also help analysts spot unexpected SMS sending in malware.
SMS for Java-kiddies
Sending SMS from a Java ME midlet is simple enough for [...]
by Axelle Apvrille | June 7, 2010 at 8:10 am
On Symbian phones, most malware is implemented either natively in C++ (over the Symbian API) or in Java (midlets). SymbOS/Enoriv.A!tr.dial uses another language called m. Usually, m scripts (.m extension) are run within the m environment (mShell), using the various features offered by m library modules (messaging, obex, video, zip…). This is comparable to Java [...]
by Axelle Apvrille | April 13, 2010 at 9:17 am
There are days where I wonder if people really care about privacy (except for these people). Most people don’t see any problem in telling the entire world what they’re doing (Twitter), who they know or see (Facebook) or where they are: the kind of stuff teenagers hate to tell their parents. Mobile phones are just [...]
by Axelle Apvrille | July 16, 2009 at 12:18 pm