New mobile viruses, disguised as “Free World Cup VOD” and other hot topics, were captured last week by the Mobile Security Center of NetQin Mobile Inc. More than 500 complaint cases were reported and filed on June 23.
Identified as ShadowSrv.A, FC.Downsis.A, BIT.N and MapPlug.A, these viruses were embedded in mini mobile games to lure users to download. Once downloaded, the device will be controlled by the virus originator. The virus propagation model is the same as a computer “Botnet”; hence, the viruses are defined as “Botnet viruses”.
The term “botnet” is generally used to describe security threats on PCs, where a group of computers all run a harmful application that is solely controlled and manipulated by one owner or software source. The botnet may also refer to a legitimate network of several computers that share program processing amongst them. Though the purpose of the virus author is unknown, the propagation model of the three viruses indicates that botnets on mobile devices are now emerging and pose a growing threat.
“The explosion of mobile applications has made smart-phones an enticing target for virus authors. Many security threats that were once only spread on PCs, such as botnets, are now moving to mobile devices to maximize the financial interest,” said Dr. Lin Yu, CEO of NetQin.
According to the mobile security service provider, these viruses will either send messages to all the contacts of the address book directly, or send messages to the random phone numbers by connecting to the server; both of which result in extra charges to the user’s phone bill. Furthermore, the viruses will delete the sent messages from a user’s Outbox and SMS log. The messages sent by viruses are themed the hottest topics, including Free World Cup VOD, and the most popular blind date TV show, etc. All messages contain URLs linked to malicious sites that users are unable to see until they’ve already clicked and fallen into the virus trap.
The targets of these botnets are mobile devices with S60 3rd and 5th OS. An estimated 100,000 mobile phones were impacted, according to the Mobile Security Center of NetQin Mobile Inc. NetQin has now updated the virus database to ensure users get timely protection. Meanwhile, the security service provider is also working closely with operators to block the malicious URLs and prevent further spread and infections.