[Virus Alert] 2 new worms found

Worm name: SYMBOS_ONEJUMP.A

Risk rating: MEDIUM

Damage Potential: MEDIUM

Distribution Potential: MEDIUM

 

Description:

This Symbian malware arrives via manual data transfer. Unlike most Symbian malware, it cannot propagate via Bluetooth.

 

Once installed, it drops several files into the memory card (or drive E) of the affected mobile device, including a malware detected by Trend Micro as BKDR_NETBUS.20.D. It also drops a malware detected as SYMBOS_BLANFON.A into the phone's C:\System\fonts folder.

 

This malware overwrites several normal utilities, antivirus-related files, and applications installed on the affected mobile device with malformed copies. Since the said copies are non-functional replacements of the original system files, the said routine causes several applications to malfunction.

 

 

Worm name: TROJ_SMALL.BOO

Risk rating: HIGH

Damage Potential: HIGH

Distribution Potential: HIGH

 

Description:

This Trojan arrives as a file downloaded from the Internet by an unsuspecting user when visiting malicious Web sites. It can also arrive as a file dropped by another malware.

 

It connects to the Web site akg{BLOCKED}ati.com to download and eventually execute a malicious spyware, which Trend Micro detects as TSPY_TARNO.S. It then terminates itself after the said download routine.

 

 

 

References: http://www.trendmicro.com/vinfo/ (TrendMirco Virus Security Info)

http://www.trendmicro.com/vinfo/zh-tw/default.asp (Traditional Chinese TrendMicro Virus Security Info

---