Security threats Toolkit

Mobile Trojan launches Skulls attack

Published: 06 Jan 2005 16:50 GMT

A new variant of the Skulls Trojan horse that affects Symbian mobile phones has been discovered.

F-Secure reported on Monday that this new version, called Skulls.D, kills off all system applications in the same manner as previous variants. But rather than turning individual application icons into skulls, Skulls.D tells users they have been infected by displaying a full-screen flashing skull.

Users who have been infected cannot run programs, take pictures or send text messages, although they can still make phone calls. The Trojan also prevents users from installing new applications, so the majority of infected users will need to reset their phone. This will leave the phone in its default factory condition and delete any data such as address books.

F-Secure has only had reports of Skulls.D from two users, who were infected after downloading an application from a Web forum. Users can reduce the risk of being infected by exercising caution, said Mikko Hyppönen, the director of antivirus research at F-Secure.

"Be careful about what you download and where you download it from," said Hyppönen. "You are most at risk if you are downloading illegal copies of applications, especially from peer to peer networks."

The first Skulls variant was discovered at the end of November 2004. A later version was packaged with the mobile phone virus Cabir. Hyppönen warned there are likely to be more variants in the future. "We are waiting for the next variant," said Hyppönen.