Security news
Security news1 March 2006
Mobile Trojan horse tries to send premium rate SMS messages Redbrow Trojan horse is further evidence of malware written for profit
 |
| Sophos experts say that there is no need for panic. |
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have urged mobile phone owners not to panic following the discovery of the first cellphone malware that tries to make money.
The Troj/Redbrow-A Trojan horse (also known as RedBrowser) runs on certain phones with support for J2ME (Java Micro Edition), posing as an application which enables cellphones without WAP capability to have WAP access. The Trojan, which is entirely in Russian language, sends a number of premium rate SMS messages, costing the user money.
"Redbrow is a Trojan horse, which means it can't spread under its own steam. This, combined with the fact that it is written entirely in Russian and only works on the Russian mobile phone network, means that most people are extremely unlikely to ever encounter it," said Graham Cluley, senior technology consultant for Sophos. "However, during the last year we have seen more and more malware being written for profit, and this is further evidence of that growing trend."
This is not the first time that Russian hackers have tried to use malware to exploit the cellphone SMS system. In late 2004, the Troj/Delf-HA Trojan horse was discovered, which helped spammers send unsolicited spam messages to mobile phones.
Sophos has received no reports of customers being affected by the Redbrow Trojan horse, and issued protection against the threat at 19:53 GMT, 28 February 2006.
Sophos continues to recommend that users exercise caution about what software they run on their computers and mobile devices, and run up-to-date security software.
Do you know how many employees are running virtualisation software on their PCs?
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com
