Trojan horse program runs on Symbian Series 60 mobile phones and prevents them from restarting.

Antivirus company F-Secure is warning mobile phone users about a new malicious software program that infects phones using the Symbian Series 60 operating system and prevents the phones from starting.

The Trojan horse program, dubbed Fontal.A, is not a worm or virus, and would have to be downloaded by the Symbian phone's owner to infect the phone. It is just the latest example of malicious code, including worms and viruses, that targets mobile devices.

Fontal.A was discovered on Wednesday and is transferred to mobile phones as an SIS-format installer file called "Kill Saddam By OID500.sis," F-Secure says.

Once installed, the program damages the phone so that the device cannot reboot. Mobile phone users who are infected with Fontal should not turn off their phone before removing the Trojan horse, F-Secure says. The company has posted instructions for removing the Trojan horse from infected phones.

Don't Download It
Unlike earlier threats to mobile devices, such as the Cabir worm, Fontal does not attempt to spread from phone to phone. Phone users can be infected only by downloading the SIS file containing the Trojan horse from a Web site or from a peer-to-peer file-sharing network, F-Secure says.

Malicious programs that run on mobile platforms such as Symbian have become more common since Cabir, the first mobile worm, was identified in August 2004. Variants of Cabir have since spread to 16 countries, including the United States, Japan, and France. In March, antivirus companies also identified the first mobile phone worm, CommWarrior, which spreads using MMS (Mobile Messaging Service).

Trojan horse programs have been proliferating, as well. In March antivirus companies warned about the Drever.C Trojan horse, which infected Symbian phones and attempted to stop mobile antivirus software running on those devices.


Source : PCWorld