Smartphone 'Trojan' found to be code flaw

The 'Trojan' SMS dialler infecting mobile phones running pirate copies of the "Mosquitos" game is not actually a Trojan at all but rather a botched copy-protection feature of the original game.

Earlier this week mobile operating system maker Symbian warned that illegal versions of the game contain a Trojan that sends costly SMS text messages to premium rate lines without the owner realising it until the bill arrives.

But, in a startling twist, it has now emerged that the premium rate SMS functionality was put in the game from the beginning by the original manufacturer.

Mikko Hypponen, head of antivirus labs at F-Secure, said there is no "cracked" version of the game because nothing has been added to the code in the illegal game, which is still available on P2P networks.

"There was nothing to crack as there was no copy protection," he said.

The original feature included when the game launched late last year was intended to prevent users buying cheaper versions in different countries, according to Hypponen, who spoke to the game's manufacturer's this week.

If bought in a different region it would send an SMS to one of the premium rate toll numbers which would then allow the game to be unlocked. But after complaints from customers, the feature was removed from the original code earlier this year. The illegal copies merely contain the code with the original SMS dialler feature.

"I think they thought they had a really novel idea but it really backfired," said Hypponen. "I don't think they were trying to be evil, just trying to get the bad guys. It's not like some shady operation."

He said the fact that the SMS messages are not hidden in the phone logs is evidence there was no underhand motive from the game's manufacturers.

The premium rate contracts for the SMS messages have now been terminated, so although old and illegal versions of the game still send the messages, it only costs the nominal fee of sending and SMS and not the premium rate fee.