|
McAfee: Trojan targets Windows Mobile
Was reading my morning tech news at Ziff and came across this:
http://blogs.zdnet.com/security/?p=904&tag=nl.e539 Which points to this as the source: http://www.avertlabs.com/research/bl...ce-vulnerable/ Anyone here seen this trojan/virus in person? |
Re: McAfee: Trojan targets Windows Mobile
Never seen it. I usually only download from the creator's site anyway and not a 3rd party dl site. Come to think of it, I haven't seen a virus on my computer in about 4 or 5 years and even then they were always the annoying harmless kind that you just deleted.
|
Re: McAfee: Trojan targets Windows Mobile
I was coming to post about this as well... I read about it on WMExperts.
Quote:
|
Re: McAfee: Trojan targets Windows Mobile
I use the mobile edition of Spybot:Search and Destroy, but it only supports running manually...
|
Re: McAfee: Trojan targets Windows Mobile
Damn, this was supposed to be the "hands off" platform, free of s#!t like that.
|
Re: McAfee: Trojan targets Windows Mobile
I think it's funny how the developer said he did not mean to do anything evil, yet this thing copies itself onto the SD card and sends your personal info to him...
|
Re: McAfee: Trojan targets Windows Mobile
LOL I'm sure, he just simply wanted to get to know us better
... :rolleyes: |
US-CERT Warns of Microsoft Windows CE Trojan
http://www.eweek.com/index2.php?opti...ge=0&hide_js=1
The WinCE/InfoJack Trojan hijacks the infected device's serial number, operating system and other information and uploads it to an attacker-controlled Web site. The U.S. Computer Emergency Readiness Team has raised an alert for an in-the-wild malware attack against Microsoft Windows CE powered mobile devices. According to the US-CERT warning, the Trojan horse program is capable of disabling Windows Mobile application installation security. The Trojan, dubbed WinCE/InfoJack by anti-virus vendor McAfee, has been programmed to hijack the infected device's serial number, operating system and other information and upload it to a Web site controlled by the attacker. "It also leaves the infected mobile device vulnerable by allowing silent installation of malware. The Trojan modifies the infected device's security setting to allow unsigned applications to be installed without a warning," McAfee said in a post on its Avert Labs blog. The Trojan was packed inside a number of legitimate installation files and distributed widely. It has been distributed with Google Maps, applications for stock trading, and a collection of games, McAfee said. Here are some characteristics of the Trojan: Spreads via seemingly legitimate application installation files Installs as an autorun program on the memory card Installs itself to the device when an infected memory card is inserted Protects itself from deletion by copying itself back to disk Replaces the browser's homepage Allows unsigned applications to install without warning McAfee researcher Jimmy Shah said the ability to allow silent installations of unsigned applications can be used by the Trojan to auto update itself and open a backdoor on the mobile device for future malware installations. The Web site associated with the Trojan is no longer accessible due in part to an investigation by law enforcement officials, Shah said. The Trojan was first discovered in the wild in China. The US-CERT is encouraging Windows CE users to install and run updated anti-virus software on mobile devices and use caution when downloading and installing applications. |
Re: US-CERT Warns of Microsoft Windows CE Trojan
Quote:
|
Re: US-CERT Warns of Microsoft Windows CE Trojan
Quote:
I've had this debate for years with my counterparts in the IT industry... whether mobile device AV software is really necessary. If you remember, there was a Symbian platform (used by many non-Windows phones) virus a few years ago (read here: http://www.mobiledia.com/news/27141.html) and it got folks to think a lot about this subject. In my current corporate environment we us BlackBerries and a BB Enterprise Server setup, this creates a potential back door into the corporate email system if a mobile device becomes compromised. Microsoft is constantly building in more and more desktop-like functionality into it's mobile products (ie, Pocket Outlook, IE, Office, etc). So it's looking more and more like we have to secure mobile devices the same way we secure desktops, they have become viable endpoints for intrusion into networks. So to answer your original question, here's one product for the mobile phone platform: http://www.avast.com/eng/avast_4_pda.html I can't endorse the product since I haven't had a chance to test it. But it's one of many products I'll probably start to evaluate as part of my job. -TC |
| All times are GMT -4. The time now is 12:00 PM. |
Powered by vBulletin® ©2000 - 2025, Jelsoft Enterprises Ltd.
©2012 - PPCGeeks.com