Symbian – Skudoo.E-F


Description:

Symbian/Skudoo.E-F are Skulls variants with parts of Doomboot and BlankFont. Variant E also drops CommWarrior.B. They appear to be repackaged collections of recent malware.

Affected Platforms:

Tested on:

· Nokia 6600
· Nokia 7610

Affected:

· Nokia 6600
· Nokia 7610

Payload:

The Skulls files will disable native system applications and some third-party applications. The dropped Doomboot and BlankFont components will leave the device unable to reboot; therefore, once the device has been restarted, the impact of the Skulls files is no longer an issue. The CommWarrior that is dropped by Symbian/Skudoo.E will spread.

Figure 1 Virus.jpg dropped by Skudoo.F

Analysis/Observation:

Symbian/Skudoo.E is distributed in a sis file named “pop corn.sis”. Variant F is distributed in a sis file named “Rally 3.sis”.

Prevention:

Symbian/Skudoo.E requires that the user intentionally install it on the device. As always, users should never install unknown or untrusted software. This is especially true for illegal software, such as cracked applications, which are a favorite vector for malware infection.

How to uninstall:

If the device has been rebooted, a hard reset must be performed for recovery.

Virus analysis report write up by Mobile Phone Anti-Virus Team on 26th August 2005 ©