Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Mobile

    First J2ME Mobile Phone Trojan Spotted

    By
    Ryan Naraine
    -
    February 28, 2006
    Share
    Facebook
    Twitter
    Linkedin

      Russian anti-virus specialist Kaspersky Lab has discovered evidence of the first mobile phone Trojan targeting J2ME (Java 2 Platform, Micro Edition) devices.

      The sample Trojan, identified as Redbrowser.A, works on most phones with J2ME support, raising fears that malware writers are expanding the target beyond just Symbian-based smart phones.

      Redbrowser.A is a J2ME-based Java Midlet that pretends to be a WAP (Wireless Application Protocol) browser that offers free WAP browsing.

      Instead, once a phone is infected, the Trojan sends text messages to premium rate numbers, saddling the victim with exorbitant messaging charges.

      The infected user gets charged between $5 and $6 for each text message sent by the Trojan, said Shane Coursen, Kaspersky Labs senior technical consultant.

      In an interview with eWEEK, Coursen said the Trojan, which was not found in the wild, is further proof that the mobile malware threat “is expanding rapidly.”

      /zimages/3/28571.gifClick here to read more about cell phone viruses.

      “We now know that its not only a threat to smart phones. All these regular phones that support J2ME are vulnerable and can become a major target,” Coursen added.

      The Redbrowser.A Trojan can be downloaded to the victim handset either via the Internet (from a WAP site) or via Bluetooth or a personal computer, he said.

      F-Secure, a Finnish anti-virus vendor, has issued updated virus definitions for the latest threat.

      “The fact that Redbrowser claims to send free SMS messages as part of its normal operation, is to fool the user into allowing the application permission to use Java SMS capabilities in phones that require permission from the user before sending SMS messages. This claim of free service is a form of social engineering,” said F-Secure researcher Jarno Niemela.

      He said the social engineering texts are in Russian, which limits the Trojan only to Russian-speaking countries.

      /zimages/3/28571.gifRead more here about the Cabir worm targeting smart phones.

      Niemela said the Trojan contains a fixed list of 10 phone numbers to which it will send SMS messages.

      After the social engineering texts are shown, Redbrowser.A it will pick one number from the list at random and send a SMS message to that number.

      “The message sending function is in an infinite loop, so unless terminated by the user, it will send a constant stream of messages. Each of those message will be changed to the users account,” Niemela said.

      A separate blog entry by F-Secures Mikko Hypponen contains screenshots of Redbrowser infecting a Nokia 6630 cell phone.

      “Some old Java viruses like Strangebrew do work on some Java phones, but RedBrowser is the first malware targeting Java phones on purpose,” Hypponen said, noting that it is also the first mobile malware that tries to steal money.

      “The threat is still very limited; this thing does not spread by itself, and we have no direct reports of anybody being hit by it in Russia [where the first reports were from],” he added.

      Hypponen said the Redbrowser Trojan works on many low-end closed phones.

      F-Secure has successfully tested it under Nokia 9300 (Communicator, running Symbian Series 80), Nokia 6630 (Symbian S60 smart phone), Nokia 5140i (low-end Series 40 phone).

      “Weve also heard it works under BlackBerrys with J2ME support. We will be testing it with Nokia 6310i—one of the first phones with Java support,” he said.

      /zimages/3/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Ryan Naraine

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×