Home / malware Trojan:SymbOS/MerogoSMS
First posted on 24 March 2010.
Source: SecurityHomeAliases :
There are no other names known for Trojan:SymbOS/MerogoSMS.
Explanation :
Also known as a trojan horse program, this is a deceptive program that performs additional actions without the user's knowledge or permission. It does not replicate.
Additional Details Trojan:SymbOS/MerogoSMS refers to a series of SMS worms that has been found spreading on Symbian Series 60 3rd Edition and Symbian Series 60 5th Edition devices.
The worm spreads as self-signed (untrusted) SIS installers, which some of them contain sub-SIS installers signed by Symbian. All the related publisher IDs and certificates have been added to revocation list by Symbian.
How it arrives and executes on the system
The worm spreads by sending text messages that contain variable messages in Chinese and a link to a website at 117.135.138.234. If the link is followed, an application will be installed promptly. The malware will boot up the API, and tries to connect to a website at http://rec[...]rzwxdsu.com over GPRS or 3G connection, infecting the phone and restarting the SMS spreading.
Note
No report on this malware has been received outside of China.Last update 24 March 2010
