A new Trojan horse aimed at smart phones using Symbian operating system galloped in earlier this week, just in time to spoil the festive season for uninformed wireless gamers.
MetalGear.a masquerades as a Symbian version of the Metal Gear Solid game, disables antivirus programs and also installs a version of the Cabir worm identified earlier this year, according to SimWorks which issued an alert about the Trojan.
The Cabir worm, in turn, attempts to spread a second Trojan program, called SEXXXY, to nearby phones through the Bluetooth short-range wireless protocol.
“This is a new strand of smartphone malware because it consists of three elements: two Trojans and a worm,” said Aaron Davidson, chief executive officer of SimWorks. “It also shows how viruses writers are getting more sophisticated.”
To infect their phones, users must open and install the fake Metal Gear game, says Davidson. “There are plenty of websites offering cracked versions of games,” he said. “These sites are used not only by people seeking free software but also by virus writers.”
Last month a Skulls smartphone Trojan was detected. The MetalGear Trojan uses the same icon-disabling technique to disable antivirus and other applications.
The Trojan also installs a version of the Cabir worm, which seeks to spread itself by sending a file called SEXXXY.sis to any Bluetooth-enabled phones in the vicinity, SimWork said. If users accept and install this file, it disables the Symbian application button on their phones.
In particular, if users install the MetalGear Trojan program, they will have difficulty repairing their phones because the program effectively disables all tools on the phone necessary to undo the damage, Davidson said.
The MetalGear and SEXXXY Trojan programs are included in a program, called Metal Gear.sis.
Antivirus software from SimWorks has been updated to provide protection from both Trojan programs, Davidson said.
So far, Trojan horses, worms and viruses aimed at smartphones have failed to spread rampantly as their propagation has been hindered by the need for users to accept and install programs.