The spyware application comes bundled with a variant of the MultiDropper mobile phone Trojan. McAfee refers to the new online pest as SymbOS/MultiDropper.CG. It tracks SMS text messages that are sent and copies log file with the phone number of incoming and outbound phone calls.
"Although SymbOS/MultiDropper.CG does not appear likely to be a winner, it does signify a probable switch in malware authors’ goals," Jimmy Shah, a mobile antivirus researcher with McAfee, noted on a company blog.
"Rather than destroying your data and information, they’re stealing it for profit."
It appears that the spyware developer isn't spreading the software himself. Instead he is renting out the application to others and provides them with a personal account on a server that gathers all the data from infected phones.
The spyware application provides further evidence that malware will increasingly target mobile phones. Mobile devices become an attractive target for online criminals as the Symbian software is evolving into the defacto standard for consumer models. Smartphones furthermore are more starting resemble computers more closely with consumers getting used to installing and running software on the devices.
A first spyware proof of concept application surfaced about eight months ago, noted Shah.
"There was much speculation on how much time it would take for malware authors to integrate it into their own malware. We have seen malware authors create custom prototype code to implement new attacks but it is interesting to see them purchase commercial spyware to do their job for them."
Researchers spot first mobile spyware
By Tom Sanders on Dec 7, 2006 9:55AM