Kaspersky Lab, a leading developer of secure content management systems, has detected a new malicious program capable of controlling a user’s mobile phone account.
Last week, Kaspersky Lab experts detected a new malicious program for phones that run the Symbian (the systems that runs Nokia phone) and Windows Mobile platforms. The program detected targets customers of an Indonesian mobile phone operator. The Trojan is written in Python, a script language – an example of the way in which the virus works is that after a user puchases a ringtone from a phone provider, an SMS message is sent to a short number with instructions to transfer part of the money in the user’s mobile phone account to another account, which belongs to the cybercriminals.
There are five known variants of Trojan-SMS.Python.Flocker, from .ab to.af. The amounts transferred range from $0.45 to $0.90. Thus, if the cybercriminals behind the Trojan manage to infect a large number of phones, the amount transferred to their mobile phone account as a result could be quite substantial.
“Obviously, the authors of the Trojan want to make money,” said Denis Maslennikov, a senior malware analyst at Kaspersky Lab.
“It seems that the focus on financial fraud in the mobile malware industry will only get more pronounced over time. Until recently, many people thought that malicious programs that send SMS messages without the user’s knowledge were a purely Russian phenomenon. Now we can see that the problem no longer affects only Russian users – it’s becoming an international issue.”
And in Australia?
Just so as not to have you panic, this problem has NOT shown up in Australia as yet. Our telcos have stronger restrictions on the establishment of premium numbers for instance, so it’s more difficult for criminals to set up here. But while this one is not here, it’s safe to say that at some point in the future malicious programs will find a way here.
Protection: Kaspersky Mobile Security
Kaspersky Mobile Security is a convenient and reliable solution that protects smartphones from Internet attacks, malicious programs that target mobile platforms and SMS spam. It also provides protection for confidential data stored on a smartphone should the device be lost or stolen.
Features of Kaspersky Mobile Security 2009 include:
Anti-theft protection: protection of personal data for a lost or stolen smartphone. To protect personal data stored on a smartphone if it is lost, a user can block his/her smartphone or delete files, messages, and the list of contacts remotely. The user can also find out who the “new owner” of the lost device is.
SMS-Block: in the event of the loss of a smartphone, a user can send a “hidden SMS message” to it, which blocks access to the smartphone until a pre-set password is entered.
SMS-Clean: this function is similar to the SMS-Block feature, but, rather than blocking the smartphone, it cleans the device’s memory and memory cards.
SIM Watch: the SMS-Block and SMS-Clean functions are only available if a smartphone is enabled and the original SIM card is installed. If a smartphone is stolen, the “new owner” will most likely immediately replace the original SIM card. The SIM Watch function will prevent the “new owner” from accessing any personal data without the initial SIM card inserted in the device. If the initial SIM card is replaced with a new one, the SIM Watch function will send the original user the new telephone number of the device without the “new owner’s” knowledge.
Antivirus protection: all incoming or modified SMS, MMS and email items are automatically scanned for malicious programs. On-demand scanning of the mobile device is available at any time. The user can pre-set the best time for antivirus scanning and it will be performed automatically. If an infected object is detected, it is stored in the quarantine folder or deleted.
Firewall: the user can select one of the integrated IP firewall protection levels. Depending on the level selected, one or more connections will be restricted to provide user security.