McAfee: Trojan targets Windows Mobile
Summary: McAfee has unearthed a Windows Mobile PocketPC Trojan that disables security, installs via a memory card, can't be uninstalled and makes itself your home page.According McAfee's Avert Labs blog, the Trojan has been discovered in China.
McAfee has unearthed a Windows Mobile PocketPC Trojan that disables security, installs via a memory card, can't be uninstalled and makes itself your home page.
According McAfee's Avert Labs blog, the Trojan has been discovered in China. Here's how it works according to researcher Jimmy Shah:
WinCE/InfoJack sends the infected device's serial number, operating system and other information to the author of the Trojan. It also leaves the infected mobile device vulnerable by allowing silent installation of malware. The Trojan modifies the infected device's security setting to allow unsigned applications to be installed without a warning.
The Trojan was packed inside a number of legitimate installation files and distributed widely. It has been distributed with Google Maps, applications for stock trading, and a collection of games.
Considering the penetration of mobile devices in Asia this malware could raise quite a ruckus.
Shah reckons that WinCE/InfoJack was created by a web site that may have hired a hacker to create the malware and then distribute it. The Trojan installs as an autorun program on the memory card, installs itself when that memory card is inserted and can't be deleted. It also becomes your home page.
Update: US CERT also has a warning.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
Great
Way to go M$!!!
Thank goodness Apple is coming out with its SDK
Oh, wait, that's right, Macs and their ilk are bulletproof. ;)
Time will tell and marketshare DOES matter.
Right...
to your cell phone as well[/u]
Or not. It might well be bulletproof, especially if applications have to install through
iTunes and require registration.
We shall see, I suppose. This is why the SDK is taking so long, to make it as
bulletproof as possible.
Hard to believe.
Not if the security's worth two pfennigs.
Apparently it runs on the security model of Windows 95.
Too bad iPhone was hit with malware before WM
Link
You must be reading this on an infected iPhone
False
Sorry, that one doesn't count
Also, this one doesn't count because it ASKS the user it they want to be infected:
[i]First, when executed, the virus asks the user if it's allowed to spread.[/i]
So again, using Apple logic, it doesn't count. Hey, I'm only using the same arguments you guys do! :) :) :)
Well, it IS Windoze - from MicroShaft!
Stability?
Security?
A pleasant user experience?
sad, MS is vector for more malware
takes the biscuit
I guess we need signed, maker-validated installs. I am sure the Chinese are as capable of knowing who their safe producers are as anyone, and of making vetting organisations that self-serve for legitimatising shareware to keep that resource open as well.
regards.
More proof that Windows no matter what its shape or form
Thank goodness for Iphone and the upcoming Google phone. Think Microsoft will provide a patch or update to stop this?
Nope!
What about the link above?
Windows Mobile Protection
Tons, just Google it (NT)
Anyone surprised?
is.
Everyone knew that WM was a security sieve brought to you by
the same folks who brought you such other failures as Xbox,
Vista, Zune, Spot, etc.
Now, all the ZDShills like Ou and his ilk will propose a
thousand excuses for why the worst and least ethical company
in the world could not provide mobile devices that are not an
open invitation for trouble.
Yup, the iPhone is starting to look better each day with its
locked down security.
Is the following not a wonderful story of how good triumphs
over MSFTevil?
Oh well, a billion here; a billion there...:
EU May Give Size Of Microsoft Fine
By a WALL STREET JOURNAL Staff Reporter
February 27, 2008; Page B2
BRUSSELS -- The European Union is expected, as early as
today, to detail the size of a massive fine against Microsoft
Corp. for failing to comply with a 2004 antitrust decision,
according to a person familiar with the matter.
The figure could be as much as ???1.5 billion ($2.22 billion),
which is three times the ???497 million that was assessed in
2004, and an EU record. The fine would be in addition to
???280.5 million already levied for noncompliance.
The 2004 decision ordered Microsoft to turn over technical
documentation it was charged with illegally keeping from rivals.
But in late 2005, the EU said it wasn't satisfied with what
Microsoft had produced and threatened a fine of up to ???2
million per day. That was later raised to ???3 million.
The EU stopped the clock on the daily fines last October, after
Microsoft agreed to license the technical information. But the
EU hasn't yet totaled up how much it will assess, and the final
amount isn't clear. If Microsoft is given the maximum, it works
out to ???1.5 billion.
Nope
EU Paves the way