A newly detected mobile phone trojan is charging mobile phone users $5 to
send a premium rate SMS message, security experts warned today at
Infosec Europe
2006.
F-Secure explained
that a proof-of-concept attack had been reengineered to make money illegally
from mobile phone users.
Advertisement
"The trojan gets your phone to send an SMS to a premium rate number and then
sends an authority that they can charge you without you knowing about it," said
Richard Hales, country manager for UK and Ireland at F-Secure.
F-Secure warned that users are still leaving their mobile devices and laptops
open to attack by using unsecured Bluetooth connections,
despite the company's warnings at trade shows such as CeBIT.
The security firm's honeytrap system at Infosec picked up 1,142 open
Bluetooth products in the first three hours of the security show, and had 183
devices in range as it was demonstrated to
vnunet.com.
Hales said that the new attack is similar to the
CommWarrior mobile virus which originally spread itself
over mobiles without causing anything more than a higher bill for sending itself
to contact via MMS as well as Bluetooth.
User ignorance is still the main reason for the spread of CommWarrior type
viruses, according to F-Secure.
"If someone's phone is infected with CommWarrior, all of these phones in
range would be getting a message saying: 'Install CommWarrior, yes or no?',"
said Hales.
"If you say no it immediately pops the message back up again if you're still
within range. So you press no, no, no, oh for goodness sake, yes."
Do you agree?
Have your say on this article