Mobile malware gets smarter

Security experts have warned that virus writers are coming up with neater ways to get smartphone Trojans onto handsets

Three variants of a smartphone Trojan, which requires less user interaction than previous mobile malware to infect devices, have been seen in the wild, according to security experts.

Different forms of the Viver Trojan, or Trojan-SMS.SymbOS.Viver, were placed on a popular file-sharing site, disguised as a photo editor and a set of video codecs, the security specialist said.

Viver, once downloaded by the user, immediately starts sending SMS messages to premium-rate numbers. The messages are sent with international area codes, so they can reach the correct destination even outside Russia, according to F-Secure. For each SMS sent, 177 roubles (approximately £3.50) is deducted from the account of the infected user.

The Trojan is no longer available for download from the site, but 200 people were affected, according to Kaspersky.

Viver uses an approach that was pioneered by the RedBrowser and Wesber Trojans that first appeared last year, according to Kaspersky Labs. RedBrowser and Wesber are Java Trojans that try to send messages to Russian premium-rate numbers. These Trojans require user acceptance for each message and are only able to send messages within Russia, according to F-Secure.