Mig33 ASIA

Mig33 Asia Community The World On Your Hand


    MOBILE VIRUS !!!

    Share
    avatar
    WEBMASTER
    Web master
    Web master

    Male
    Jumlah posting : 1001
    Age : 28
    Location : boyolali
    Interest : Mig33
    Mig33 Username : max.overdrive
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 118
    Registration date : 17.01.08

    MOBILE VIRUS !!!

    Post by WEBMASTER on Sat Apr 05, 2008 2:47 pm

    Know Your viruS




    Again I would like to acknowledge Sir Calvin Tang the developer of calvinstinger, Rocky and Sir Eldogg for sharing this information

    PHONE BOOK STEALER

    Description:

    This type of mobile virus is very interesting that it'll steal user phonebook data and then it will compile it into a text file and sent it through
    bluetooth without user confirmation.

    So far, this is the first Symbian Virus that I've seen that it will steal user data without
    user confirmation and sent thorogh other bluetooth supported devices.


    Affected Platforms:

    Tested on:

    Nokia 6680
    Nokia 3660

    Affected:

    Nokia 6680


    Analysis/Observation:

    This trojan was distributed in an application file and it is spreading in pbexplorer.SIS.

    Symtomps:

    When user try to install this suspicious *.SIS file, the image shown below is screenshoot taken during installation process:


    After installation complete, the application has set to run automatically and will display the following text:

    ________________
    | Phone Book |
    | Compacting |
    | by: lajel 202u |
    | |
    | please wait... |
    |________________|

    ________________________
    | Compacting |
    | your contact(s),step 2 |
    | |
    | Please wait again |
    | until done... |
    |________________________|

    After the malicious process done, it will pop out a message:

    "Done!!!"

    If user press [OK] the malicious program will ended itself and after some times,
    it will start searching for bluetooth devices and sent all phonebook information in
    text file via bluetooth.


    Prevention:

    This malware requires that the user intentionally install them upon the device. As always, users should never install third party application from unknown site.

    How to uninstall:

    By using latest version of CalvinStinger Symbian Viruses Disinfection Tool.

    Special Announcement:

    Recently there is some fella from Indonesia are spreading Symbian Malwares Widely in Yahoo Group and
    it's recomended not to download any file from there.
    avatar
    WEBMASTER
    Web master
    Web master

    Male
    Jumlah posting : 1001
    Age : 28
    Location : boyolali
    Interest : Mig33
    Mig33 Username : max.overdrive
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 118
    Registration date : 17.01.08

    Re: MOBILE VIRUS !!!

    Post by WEBMASTER on Sat Apr 05, 2008 2:50 pm

    SYMBIAN TROJAN--Mabtal.A
    Profimail v2.75_FULL.SIS/SymbOS Mabtal.A is a SIS file malware that pretends to be a cracked version of Profimail which is a very popular E-Mailing third party application in Symbian Platform, in fact, it is a malware which drops Mabir.A, Caribe and Fontal variants into the phone system, besides, it also drops some corrupted binaries file which causing the phone auto-restart and showing fatal error message. Next the phone will fail to boot-up permanently.

    Suspicious file tested using the following handsets:

    NOKIA 3660 (Symbian OS 6.1)
    NOKIA 6680 (Symbian OS 8.0)

    Positive analysis results:

    While tested using the above handsets, both platform was affected. When user tries to install the suspicious file into his phone, it will look like the below image:


    While installing the suspicious file, it will show a message as shown below:


    This suspicious file automatically installed all files into the phone memory. Cabir virus will start spreading via bluetooth and keeps listening if any incoming message arrives in the phone, when any SMS/MMS message arrives in the phone, mabir.A virus will immediately sent itself out via MMS for spreading purpose.

    When user tries to access the Profimail and ProfiExplorer third party application, it may display an error message as shown below:


    After it has successfully restart, due to the corrupted fonts, the device can't boot up permanently.

    By using the hash-number-matching method, the following files was proved to be a malware files while analyzing work is in progress:

    11x12 euro_fonts.gdr detected as SymbOS.Fontal.A
    CARIBE0.APP detected as SymbOS.Mabir.A
    CARIBE0.RSC detected as SymbOS.Cabir
    flo0.mdl detected as SymbOS.Mabir.A
    flo.mdl detected as SymbOS.Mabir.A
    caribe.app detected as SymbOS.Mabir.A
    caribe.rsc detected as SymbOS.Cabir
    Appinst.app detected as SymbOS.Cabir.U2
    Appinst.aif detected as SymbOS.Cabir.U2


    This malware doesn't come with any valid digital certificate but it can replicate itself via bluetooth or MMS(Mabir.A) and it will cause severe damage to Symbian OS 6.1 handsets!
    avatar
    WEBMASTER
    Web master
    Web master

    Male
    Jumlah posting : 1001
    Age : 28
    Location : boyolali
    Interest : Mig33
    Mig33 Username : max.overdrive
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 118
    Registration date : 17.01.08

    Re: MOBILE VIRUS !!!

    Post by WEBMASTER on Sat Apr 05, 2008 2:51 pm

    SplinterCell-ChaosTheory_S60_cracked-XiMPDA.SIS OR SymbOS/Skudoo.A
    This is a Series 60 trojan that installs skulls trojan, MGdropper, Commwarrior, Doomboot.A and cabir into the targeted device. When this trojan executed, most of application in the phone being replaced by a non-functional or corrupted files by the trojan into the phone, causing application can't run as usual. It fails to attack NOKIA 6680 while the phone has been restarted. Anyway, McAfee AVERT mentioned that this trojan will cause the phone fail to reboot on the next restart by the user.

    It is also the first mobie trojan in the world which capable propagates MGDropper virus and Commwarrior virus vice-versa.


    It contains also the image as shown below while I have extracted the *.SIS file:

    Some of the blank icon that the trojan drops actually is coded to auto restart the phone, when the phone has been restarted, the menu function of the phone can't no longer be function and thus this totally lock the whole phone.

    When user tries to installs the trojan into the phone, the symptoms are as shown below:


    While installing the suspicious file into the phone, it will pop up a message as shown below:
    avatar
    WEBMASTER
    Web master
    Web master

    Male
    Jumlah posting : 1001
    Age : 28
    Location : boyolali
    Interest : Mig33
    Mig33 Username : max.overdrive
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 118
    Registration date : 17.01.08

    Re: MOBILE VIRUS !!!

    Post by WEBMASTER on Sat Apr 05, 2008 2:53 pm

    Skulls.CB


    This virus claims to be a third party application but in fact, it is a trojan which drops several non-functional system file and corrupted fonts into the phone system, causing puzzle-like and blank icon shown in the phone.

    User should take alert about this suspicious file when the following symptoms as shown in the image below:

    When user try to install it into the phone:



    Such message popping out in the installation process:


    The phone will look like this:


    Never click on the blank icon as it would automatically restart the phone which causing the phone fail to reboot next time due to malware attacks.

    This malware spreading in Fontal.C.sis

    Virus tested and information write up by Calvin on 29 July 2005
    avatar
    WEBMASTER
    Web master
    Web master

    Male
    Jumlah posting : 1001
    Age : 28
    Location : boyolali
    Interest : Mig33
    Mig33 Username : max.overdrive
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 118
    Registration date : 17.01.08

    Re: MOBILE VIRUS !!!

    Post by WEBMASTER on Sat Apr 05, 2008 2:54 pm

    Blankfont.A


    [center]Blankfont.A is a SIS file trojan that installs corrupted Font file into infected device. The corrupted font does not cause device to crash, but if the device is rebooted it will lose the system font, and is unable to display user interface texts.


    If a phone is infected with Blankfont.A, it must not be rebooted as the trojan will corrupt system font and make disinfection quite difficult. If the phone is rebooted it can still be disinfected but, doing so is rather difficult as there is no text on the screen.

    Spreading in Rally_2.sis
    :cry:
    avatar
    WEBMASTER
    Web master
    Web master

    Male
    Jumlah posting : 1001
    Age : 28
    Location : boyolali
    Interest : Mig33
    Mig33 Username : max.overdrive
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 118
    Registration date : 17.01.08

    Re: MOBILE VIRUS !!!

    Post by WEBMASTER on Sat Apr 05, 2008 2:56 pm

    Symbian- Skudoo.C/Skudoo.D


    [center]Description:

    Symbian/Skudoo.C-D are Skulls variants with parts of Doomboot. Variant C also drops Commwarior.B. Variant D drops MGDropper. They appear to be repackaged collections of recent malware.

    Affected Platforms:

    Tested on:

    Nokia 6600

    Affected:

    Nokia 6600

    Payload

    The Skulls and MGDropper files will disable native system applications and some third-party applications. The dropping of Doomboot will cause the device to be unable to reboot, therefore, once the device has been restarted the impact of the Skulls and MGDropper files is no longer an issue.The CommWarrior that is dropped by Skudoo.C will spread.


    Figure 1 Desktop screen of Skudoo.C


    Analysis/Observation

    Both variants have filenames implying that they are pirated versions ofvideo games. Variant C claims to be a cracked version of Need for Speed1. Variant D claims to be "Carmageddon_3D_s60_BETA.sis".

    Prevention

    Both variants require that the user intentionally install them upon the device. As always, users should never install unknown or un-trusted software. This is especially true for illegal software, such as cracked applications-they are a favorite vector for malware infection.

    How to uninstall

    If the device has been rebooted then a hard-reset must be performed for recovery.

    For Skudoo.D, as all malicious files are installed the external phone card, removing the card will restore full use of the phone.
    avatar
    WEBMASTER
    Web master
    Web master

    Male
    Jumlah posting : 1001
    Age : 28
    Location : boyolali
    Interest : Mig33
    Mig33 Username : max.overdrive
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 118
    Registration date : 17.01.08

    Re: MOBILE VIRUS !!!

    Post by WEBMASTER on Sat Apr 05, 2008 2:58 pm

    Symbian -Skudoo.E-F


    [center]Description:

    Symbian/Skudoo.E-F are Skulls variants with parts of Doomboot and BlankFont.Variant E also drops Commwarior.B. They appear to be repackagedcollections of recent malware.

    AffectedPlatforms:

    Tested on:

    Nokia 6600
    Nokia 7610

    Affected:

    Nokia 6600
    Nokia 7610

    Payload:

    The Skulls files will disable native system applications and some third-party applications. The dropping of Doomboot and BlankFont will cause the device to beunable to reboot, therefore, once the device has been restarted the impact of theSkulls files is no longer an issue. The CommWarrior that is dropped by Symbian/Skudoo.E will spread.



    Figure 1 Virus.jpg dropped by Skudoo.F

    Analysis/Observation:

    Symbian/Skudoo.E is distributed in a sis file named "pop corn.sis". Variant F is distributed in a sis file named "Rally 3.sis".

    Prevention:

    Symbian/Skudoo.E requires that the user intentionally install them upon the device.As always, users should never install unknown or un-trusted software. This is especially true for illegal software, such as cracked applications-they are a favorite vector for malware infection.

    How to uninstall:

    If the device has been rebooted then a hard-reset must be performed for recovery.

    Virus analysis report write up by Mobile Phone Anti-Virus Team on 26th August 2005
    avatar
    mutia81
    SUPER POSTER

    Female
    Jumlah posting : 986
    Age : 35
    Location : Indonesia
    Interest : Chatting
    Mig33 Username : mutia81,t81,october81
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 0
    Registration date : 28.03.08

    Re: MOBILE VIRUS !!!

    Post by mutia81 on Sat Apr 05, 2008 4:55 pm

    thanks 4 sharin admin br0.So long ur explanati0n.Anw nice info....
    avatar
    cpd
    VVIP MEMBER

    Male
    Jumlah posting : 389
    Age : 28
    Location : Indonesia
    Interest : chatting, browsing, playing game
    Mig33 Username : cpd
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 0
    Registration date : 14.03.08

    Re: MOBILE VIRUS !!!

    Post by cpd on Sat Apr 05, 2008 5:43 pm

    how with COMWARRIOR MATRICKS?????????
    avatar
    WEBMASTER
    Web master
    Web master

    Male
    Jumlah posting : 1001
    Age : 28
    Location : boyolali
    Interest : Mig33
    Mig33 Username : max.overdrive
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 118
    Registration date : 17.01.08

    Re: MOBILE VIRUS !!!

    Post by WEBMASTER on Sun Apr 06, 2008 11:55 am

    If u wanted to delete COMMWARRIOR MATRIX Firstly, u must format your MMC and hard reset your phones then u must install f-commwarrior.sis open this application to stop commwarior matrix for temporary, then install fsc-os7.sis anti virus for more details please private me in mig33 (judge-master)
    avatar
    izna-love.you
    Special member
    Special member

    Female
    Jumlah posting : 424
    Location : Indonesia Tanah Airku,Tumpah Darahku
    Interest : Cats&boy
    Mig33 Username : cute_izna,lz.z
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 0
    Registration date : 28.03.08

    Re: MOBILE VIRUS !!!

    Post by izna-love.you on Mon Apr 07, 2008 6:54 am

    Wow its so long informtion.Thanks admin...
    Beware from virus infection...Bt if a love virus infect me,i will be enjoyble Laughing
    avatar
    cpd
    VVIP MEMBER

    Male
    Jumlah posting : 389
    Age : 28
    Location : Indonesia
    Interest : chatting, browsing, playing game
    Mig33 Username : cpd
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 0
    Registration date : 14.03.08

    Re: MOBILE VIRUS !!!

    Post by cpd on Tue Apr 08, 2008 3:07 pm

    ya but our data will be lost :shock:
    avatar
    WEBMASTER
    Web master
    Web master

    Male
    Jumlah posting : 1001
    Age : 28
    Location : boyolali
    Interest : Mig33
    Mig33 Username : max.overdrive
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 118
    Registration date : 17.01.08

    Re: MOBILE VIRUS !!!

    Post by WEBMASTER on Tue Apr 08, 2008 5:43 pm

    Yes mod cpd our data will be lost but its better than u lost ur phone's system,if u dunt do anything to ur infected phones, this virus will evolve to higher level and more worse if u just waiting until ur phones is done by this virus..
    avatar
    Eny3nG
    Junior

    Male
    Jumlah posting : 41
    Age : 32
    Location : Martapoera City
    Interest : xxxx
    Mig33 Username : Eny3nG
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 0
    Registration date : 13.03.08

    Re: MOBILE VIRUS !!!

    Post by Eny3nG on Wed Apr 09, 2008 7:11 am

    thank bapa admin
    avatar
    izna-love.you
    Special member
    Special member

    Female
    Jumlah posting : 424
    Location : Indonesia Tanah Airku,Tumpah Darahku
    Interest : Cats&boy
    Mig33 Username : cute_izna,lz.z
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 0
    Registration date : 28.03.08

    Re: MOBILE VIRUS !!!

    Post by izna-love.you on Wed Apr 09, 2008 1:33 pm

    Where is this virus come from?Give me specifik explain pls
    avatar
    WEBMASTER
    Web master
    Web master

    Male
    Jumlah posting : 1001
    Age : 28
    Location : boyolali
    Interest : Mig33
    Mig33 Username : max.overdrive
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 118
    Registration date : 17.01.08

    Re: MOBILE VIRUS !!!

    Post by WEBMASTER on Thu Apr 10, 2008 9:16 am

    Utk informasi lengkap tentang COMMWARRIOR MATRIX coba KLIK DISINI
    avatar
    izna-love.you
    Special member
    Special member

    Female
    Jumlah posting : 424
    Location : Indonesia Tanah Airku,Tumpah Darahku
    Interest : Cats&boy
    Mig33 Username : cute_izna,lz.z
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 0
    Registration date : 28.03.08

    Re: MOBILE VIRUS !!!

    Post by izna-love.you on Fri Apr 11, 2008 9:13 am

    Makasih admin, gw intip yup
    avatar
    cpd
    VVIP MEMBER

    Male
    Jumlah posting : 389
    Age : 28
    Location : Indonesia
    Interest : chatting, browsing, playing game
    Mig33 Username : cpd
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 0
    Registration date : 14.03.08

    Re: MOBILE VIRUS !!!

    Post by cpd on Sat Apr 12, 2008 9:48 pm

    bentar liat dulu yap
    avatar
    mutia81
    SUPER POSTER

    Female
    Jumlah posting : 986
    Age : 35
    Location : Indonesia
    Interest : Chatting
    Mig33 Username : mutia81,t81,october81
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 0
    Registration date : 28.03.08

    Re: MOBILE VIRUS !!!

    Post by mutia81 on Sun Apr 13, 2008 1:17 pm

    thanks for share admin bro.hope usefull.keep it up Wink
    avatar
    izna-love.you
    Special member
    Special member

    Female
    Jumlah posting : 424
    Location : Indonesia Tanah Airku,Tumpah Darahku
    Interest : Cats&boy
    Mig33 Username : cute_izna,lz.z
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 0
    Registration date : 28.03.08

    Re: MOBILE VIRUS !!!

    Post by izna-love.you on Tue Apr 15, 2008 8:19 pm

    thanks admin,tnyt gw dah pke Smile
    avatar
    ropoom786
    Super member ll

    Male
    Jumlah posting : 228
    Age : 25
    Location : Bangladesh
    Interest : Love All People
    Mig33 Username : ropoom786
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 0
    Registration date : 12.05.08

    Re: MOBILE VIRUS !!!

    Post by ropoom786 on Tue May 13, 2008 3:08 pm

    Nice broo...
    avatar
    dhukko_bilasi
    BORN

    Male
    Jumlah posting : 7
    Age : 30
    Location : Bangladesh (Rajshahi)
    Interest : Chatting, making friendship
    Mig33 Username : dhukko_bilasi
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 0
    Registration date : 13.05.08

    Re: MOBILE VIRUS !!!

    Post by dhukko_bilasi on Tue May 13, 2008 11:03 pm

    Izna, virus is a programm, itz make are programmer. Migg33 softwares is also a programm.
    Sometimes programmer make a virus for fun, sometimes make for hacking, and may be to destroy others computers data.

    I hope, u r understand Very Happy
    avatar
    seven_shadow
    Super member l

    Male
    Jumlah posting : 198
    Age : 28
    Location : Bangladesh
    Interest : mig33
    Mig33 Username : seven_shadow
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 0
    Registration date : 14.05.08

    Re: MOBILE VIRUS !!!

    Post by seven_shadow on Wed May 14, 2008 1:52 pm

    i dont have mobile phone
    avatar
    zebhi
    Super member ll

    Male
    Jumlah posting : 213
    Age : 30
    Location : Indonesia
    Interest : chatting, browsing, travelling, friendship
    Mig33 Username : zhe_virgo
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 0
    Registration date : 18.05.08

    Re: MOBILE VIRUS !!!

    Post by zebhi on Sun May 18, 2008 3:25 pm

    So install anti virus for ur mobile phone...


    My handphone juz got error becoz the virus.
    Send MMS automatically n' make my HP not work properly ...

    Huh, I must spend time a day for fix it.
    But my data in phone memory deleted.

    Hah, poor me ... :cry: :cry: :cry:
    avatar
    luv.inspecta
    Regular member

    Male
    Jumlah posting : 137
    Age : 30
    Location : SAUDI ARABIA
    Interest : MIG33 , MAKING FRIENDS , SKETCHING AND MANY MORE
    Mig33 Username : luv.inspecta
    WARNING :
    0 / 1000 / 100

    Reputation : 0
    Level : 0
    Registration date : 24.05.08

    Re: MOBILE VIRUS !!!

    Post by luv.inspecta on Sat May 24, 2008 10:03 am

    thanks for sharing
    have a nice day
    luv.inspecta

    Sponsored content

    Re: MOBILE VIRUS !!!

    Post by Sponsored content


      Waktu sekarang Mon Mar 27, 2017 3:48 am