Phone Trojan 'has botnet features'

Phone Trojan 'has botnet features'

Summary: A piece of low-risk malware aimed at mobile devices with Symbian operating systems has the capacity to enable a hacker to build a botnet of phones, according to Trend Micro

TOPICS: Security

A piece of mobile malware has the capacity to enable a hacker to build a botnet of phones, according to security vendor Trend Micro.

The Symbian Trojan, which Trend Micro detects as SYMBOS_YXES.B, poses as a legitimate application called ACSServer.exe and calls itself 'Sexy Space'. It steals the user's subscriber, phone and network information, and connects to a website to send that information back to a hacker. It can also target the victim's contacts with spam SMS messages, and pull the content in those messages from the malicious website.

"In short, it appears to be a botnet for mobile phones," wrote Jonathan Leopando of the Trend Micro technical communications team in a blog post on Wednesday.

However, the malware itself is classified as low risk, with a low distribution potential, according to a Trend Micro analysis.

Leopando added that there may be a problem with digital signing by the Symbian Foundation. Digital signatures, which are cryptographic security features, are designed to provide a level of certainty that a message or piece of software actually comes from the organisation it appears to have come from.

However, Leopando wrote in the blog post that SYMBOS_YXES.B was similar to another phone malware that Trend Micro detects as SYMBOS_YXES.A, and that both pieces of malware had been signed by Symbian Foundation.

"The signing process — undertaken by the Symbian Foundation itself — is supposed to ferret out instances like this, but somehow this slipped through," wrote Leopando. "It may well be a coincidence, but it does not reinforce confidence in the signing system."

The Symbian Foundation had not responded to a request for comment at the time of writing.

Topic: Security

Tom Espiner

About Tom Espiner

Tom is a technology reporter for He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to start the discussion