PHONE BOOK STEALER
Description:
This type of mobile virus is very interesting that it'll steal user phonebook data and then it will compile it into a text file and sent it through
bluetooth without user confirmation.
So far, this is the first Symbian Virus that I've seen that it will steal user data without
user confirmation and sent thorogh other bluetooth supported devices.
Affected Platforms:
Tested on:
· Nokia 6680
· Nokia 3660
Affected:
· Nokia 6680
Analysis/Observation:
This trojan was distributed in an application file and it is spreading in pbexplorer.SIS.
Symtomps:
When user try to install this suspicious *.SIS file, the image shown below is screenshoot taken during installation process:
After installation complete, the application has set to run automatically and will display the following text:
________________
| Phone Book |
| Compacting |
| by: lajel 202u |
| |
| please wait... |
|________________|
________________________
| Compacting |
| your contact(s),step 2 |
| |
| Please wait again |
| until done... |
|________________________|
After the malicious process done, it will pop out a message:
"Done!!!"
If user press [OK] the malicious program will ended itself and after some times,
it will start searching for bluetooth devices and sent all phonebook information in
text file via bluetooth.
Prevention:
This malware requires that the user intentionally install them upon the device. As always, users should never install third party application from unknown site.
How to uninstall:
By using latest version of CalvinStinger© Symbian Viruses Disinfection Tool.
Special Announcement:
Recently there is some fella from Indonesia are spreading Symbian Malwares Widely in Yahoo Group and
it's recomended not to download any file from there.