p2pnet.net News:- F-Secure says it’s received a sample of new Symbian trojan that’s different enough to warrant a new name – Dampig.A, a trojan-born SIS file masked as a crack of version 3.2 of the FSCaller application.

It disables some built-in applications and third party file managers, installs several Cabir variants to phone and because it corrupts uninstall data, can’t be removed without completely disinfecting the phone, says Jarno on the F-Secure blog.

The new Symbian trojan installs Cabir variants, says F-Secure going on, “The Dampig.A trojan disables Bluetooth UI, system file manager, Messaging application and phone book on the infected handheld.”

The good news is the menu app isn’t disabled, so users can use their phones to download disinfect programs.

The Cabir variants don’t start automatically, “but some of the applications that are replaced with Cabir executables, such as Messaging application, will be most likely called and thus executed by the user,” says F-Secure.

And, it warns, “Please note, that even as the FSCaller application that Dampig.A pretends to crack, has similar name to our product naming. It has nothing to do with F-Secure. FSCaller is software made by SymbianWare OHG in Germany.”

Something you think we should know? tips[at]p2pnet.net

===================

See:-
F-Secure blog – New Symbian trojan, March 4, 2005
F-Secure – F-Secure Virus Descriptions : Dampig.A, March 4, 2005

This entry was posted on Friday, March 4th, 2005 at 6:54 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HOME

Viewed 2873 times