Summer Brings Mosquito-Borne Malware (Part 3 of 3)
- Aug 6, 2004
The summer of 2003 brought a new wave of a deadly, mosquito-borne viruses. This summer, a new Mosquito-borne infection arrived. But it didn't attack humans. Rather, it infected cellular phones.
The Symbian operating system powers many cellular phones, and also supports a wide range of third-party applicationsincluding games. Unfortunately, one popular game turned out to have a "cracked" version that was secretly infected with a Trojan horse. The Mosquito dialer Trojan infects the popular game Mosquito with code that secretly messages pay-per-call numbers.
What Is a Dialer Trojan?
A dialer Trojan is malware coded to secretly dial phone numbers, leaving the infected victim with a large phone bill. There are two reasons why someone might code and spread a dialer Trojan. The first reason is destructive, perhaps as tool of revenge. The second reason is for financial gain. Simply set up a premium 900 number and charge $5.99 a minute. Then, all the malicious coder needs is a few hundred infected victims to make a decent amount of money.
As a desktop analogy, many free porn web sites use browser-based exploits to infect PC users with dialer Trojans. This is a classic example of dialer Trojans being used for financial gain. Dialer Trojans have been around on PCs for many years. Traditional PC dialer Trojans rely on the infected computer having a working modem, and the modem needs to be connected to a wall socket. It was only a matter of time before someone realized that coding dialer malware for computers that mostly rely on broadband was a waste of time. Such malware coders have now moved to cellular phones.
Symbian-based cellular phones offer the ability to run far more code than earlier cell phones. Cellular phones can now be used to play games, surf the Internet, and perform many other activities traditionally done from a desktop computer. While these features are useful for consumers, it also means that malware coders have an increasing scope in which to apply malicious code. Code that once worked only on desktop computers can now be ported easily to work on handheld devices running the Symbian OS.