Whilst mobile phone users haven’t traditionally been a primary target for cybercriminals, recent appearances of malicious programs such as Trojans, viruses and spam on mobile devices have raised fears that this kind of criminal activity is on the rise in the mobile world.
Apart from in Russia, which has seen a number of documented cases in the past, the rest of the world has largely managed to avoid the threat of mobile phone-based malware. However, last week Kaspersky Lab experts detected a new malicious program for Symbian, one of the most common mobile phone operating systems worldwide, that targets customers of an Indonesian mobile phone operator, which offers a money transfer service. The Trojan is written in Python, a script language, and sends SMS messages to a specific number with instructions to transfer some of the money of the user’s account to another account which belongs to the cybercriminals.
Currently, the Trojans found have only targeted users of an Indonesian mobile operator. However, if such money transfer services from phone to phone are offered by mobile operators in other countries that use similar methods (simple SMS) it would be possible that such threats will appear in other parts of the world.
“Obviously, the primary aim of the cybercriminals that distribute these Trojans is to make money,” says David Emm, a member of the Global Research and Analysis Team at Kaspersky Lab. “Until recently, many people thought that malicious programs that send SMS messages without the user’s knowledge were purely a Russian phenomenon. Now we can see that the problem is spreading and no longer only affects Russian users, it’s becoming an international issue that takes advantage of the growing use of mobile communications.”
Small amounts, huge losses
There are five known variants of the SMS.Python.Flocker Trojan, ranging from .ab to .af. The amounts transferred range from 0.45 US-Dollars to 0.90 US-Dollars. Thus, if the cybercriminals behind the Trojan manage to infect a large number of phones, the amount transferred to their mobile phone account as a result could be substantial.
Kaspersky Mobile Security users are already protected from the new Trojan. The Kaspersky Lab product blocks malicious programs by preventing them from running and keeps the user’s personal details safe. Kaspersky Lab recommends users to be cautious when using a mobile phone or smartphone to browse the Internet and to always keep their antivirus databases up-to-date to avoid the ever-evolving and increasing number and types of threats.