Untitled Document
www.expresscomputeronline.com WEEKLY INSIGHT FOR TECHNOLOGY PROFESSIONALS
17 March 2008  
Untitled Document
Sections

Market
Management
Technology
Technology Life

Columns

Between The Bytes

Events

Technology Senate
Technology Sabha
Specials

HMA Bankbiz
UPS Batteries

Services
Subscribe/Renew
Archives
Search
Contact Us
Network Sites
CIO Decisions
Exp.Channel Business
Express Hospitality
Express TravelWorld
feBusiness Traveller
Express Pharma
Express Healthcare
Express Textile
Group Sites
ExpressIndia
Indian Express
Financial Express

Untitled Document
 
Home - Technology - Article

Update

A compilation of the latest information about viruses and worms, security issues and patches to rectify the same

Windows Mobile Trojan–InfoJack  

Malware Most Recent

JS/Advedo
Trojan:WinCE/InfoJack
Backdoor:W32/PoisonIvy
Trojan-Downloader:W32/Injecter.GX
Trojan-Spy:W32/Banker.ICS Trojan-Downloader:W32/Agent.EOA
Backdoor:W32/IRCBot.BNZ
Trojan-Spy:W32/ZBot.HS
Worm:SymbOS/Beselo
IM-Worm:W32/Sohanad

Source: F-Secure

F-Secure Security Laboratory has spotted a new Window Mobile Trojan–InfoJack, detected as Trojan: WinCE/InfoJack. This is a new kind of worm targeting mobile devices. According to F-Secure, there have long been malicious downloaders on PCs, but this is the first to be discovered that affects mobile devices. InfoJack is a Trojan affecting Windows Mobile devices that leaks information from an infected device to a home server when the device connects to the Internet. As a part of its activity, InfoJack alters the security settings on the device. This causes all software installations to complete without any warning of possible safety precautions. Trojan:WinCE/

InfoJack is a multipart malware. The first part is attached to many (.cab) installation files containing legitimate software such as games, mapping software, etc. InfoJack pretends to be an additional setup program. Once InfoJack has infected the device it waits for the device to make an Internet connection. When the device is connected, InfoJack connects to its home server and downloads additional parts for its functionality. While doing so, it leaks information from the device to the server. On the device InfoJack installs the files windows\mservice.exe and windows\setup.cfg.

Arsenal Fan Site attacked

Current EPL leader Arsenal’s fan site Onlinegooner.com recently picked up a nasty malware injection which was filled with an assortment of malicious treats for vulnerable visitors. Sports sites usually attracts a regular flow of fans, some more than others making them attractive targets for attackers.

Arsenal’s fan site contained injected code, leading to downloads from remote addresses in Russia and parts of Southeast Asia. According to a security firm, the downloaded malware contained a rootkit, keylogger, backdoor, ARP poisoning, and DNS spoofing capabilities. These are sophisticated features for malware.

In a similar attack, before Super Bowl XLI in Miami in February 2007, the Dolphin Stadium Web site suffered an assault.

Security professionals for these sites should take steps to identify and secure potential routes for injection attacks. These have become common due to their effectiveness and the relative ease that criminals have had in finding targets.

 


Untitled Document

UNSUBSCRIBE HERE
Untitled Document
© Copyright 2001: Indian Express Newspapers (Mumbai) Limited (Mumbai, India). All rights reserved throughout the world. This entire site is compiled in Mumbai by the Business Publications Division (BPD) of the Indian Express Newspapers (Mumbai) Limited. Site managed by BPD.