Ransomware attacks target Symbian mobiles

Researchers have discovered malware which holds mobile phone data to ransom.

The Kiazha.A code is currently targeting Symbian-based handsets in China.

The malware removes all sent and received text messages, and threatens to permanently cripple the handset unless users pay a fee.

Users are instructed to deposit a payment of around US$7 in an account through QQ, a Chinese instant messaging and virtual currency system.

Kiazha.A is being distributed as part of a larger malware payload known as SymbOS/Multidropper.cr.

Other elements in the package automatically set up a QQ account for the user, and forward all text messages to the malware author. Users are charged for all messages sent by the malware.

"The interesting thing about multi-droppers is that they are usually compiled by malware authors who are not programmers and simply collect the work of others," wrote McAfee Avert Labs engineer Jimmy Shah in a blog posting.

"With MultiDropper.CR it appears that the author, with a lot of effort and testing, put together various malware-like pieces from a toolkit."

Shah also noted that the malware is profit-driven, a rarity in the mobile malware field, where authors mostly create attacks to gain notoriety.

Kiazha.A is the second major mobile phone attack to hit China in recent days after a malware infection targeting Windows Mobile handsets was discovered last week.

WinCE/InfoJack also attempts to steal information, but contains a component which leaves handsets open to future attacks.
Copyright ©v3.co.uk