Trojan spreading mobile spyware

Consumer phone-snooping tool dropped by Symbian malware.

A new variant of the MultiDropper trojan targeting Symbian smartphones has included amongst its payload a 'legitimate' commercial phone spying application, according to researchers at McAfee. The discovery is seen as a sign of a worrying new trend, as smartphones begin carrying increasingly sensitive personal data and even allow access to bank accounts in some systems.

The piece of spyware is designed to log phone call details and SMS messages to a central server, one of several similar tools first noticed in the summer. Although labelled spyware by most mobile security products, the vendors often describe them as having legal and legitimate purposes.

In this case, the application dropped by the trojan is designed only to function on the specific mobile for which it is sold, and will report its findings back to an account only accessible by the original purchaser, and is thus thought to have little value other than as a proof-of-concept. A blog entry from McAfee's Avert Labs is here, with more analysis of the spyware program here.

07 December 2006

Tags: virus del.icio.us digg this