Thursday, February 28, 2008

A Window Mobile PocketPC trojan that disables Windows Mobile application installation security has been discovered in China.

WinCE/InfoJack sends the infected device's serial number, operating system and other information to the author of the trojan. It also leaves the infected mobile device vulnerable by allowing silent installation of malware. The trojan modifies the infected device's security setting to allow unsigned applications to be installed without a warning.
The trojan was packed inside a number of legitimate installation files and distributed widely. It has been distributed with Google Maps, applications for stock trading, and a collection of games. Read more at:
http://www.avertlabs.com/research/blog/index.php/2008/02/26/windows-mobile-trojan-sends-unauthorized-information-and-leaves-device-vulnerable/

No comments: