Symbian users beware: First phone botnet discovered

Updated on 17-Jul-2009
At the end of 2008, many leading security experts had predicted 2009 to be the year that hackers start targeting mobile phones and personal media players. The ominous warning has rung true, as researchers at Trend Micro Labs have blogged about the discovery of the first botnet for cell phones.
In the past few days, the security firm has encountered a new threat for Symbian devices, detected as SYMBOS_YXES.B. According to Marianne Mallen, Escalation Engineer in TrendLabs, it poses as the legitimate application ACSServer.exe and calling itself Sexy Space, it steals the user’s subscriber, phone, and network information, and connects to a website in order to send the said information. In addition, the malware can also send spammed SMS messages to the user’s contacts.
“In short, it appears to be a botnet for mobile phones,” wrote Jonathon Leopando in the blog post.
However, the malware itself is classified as low risk, with a low distribution potential, according to a Trend Micro analysis.
The surprising part, though, is that the botnet has been digitally signed – a move that makes them “trustworthy” for Symbian phones.
“The signing process – undertaken by the Symbian Foundation itself – is supposed to ferret out instances like this, but somehow this slipped through. It may well be a coincidence, but it does not reinforce confidence in the signing system,” Leopando wrote.
So, Symbian users, be on the alert while receiving any new files or while visiting some untrustworthy Web sites.

Connect On :