Opera Malware Hits the Wrong Note

Be careful what you download; it might not be what you expected.

Like all browsers and—in fact, pretty much all programs—Opera Mini needs to be updated from time to time. But just because a website promises to update your copy of the mobile browser doesn't mean that it will actually do so.

As described in this GMA News article, Trend Micro recently discovered a webpage designed to mimic Opera's own site. The page told visitors that they needed to update their copy of Opera Mini. But hey, no problem— there was a download link right there.

What the users got was a file named OperaMini.jar, which contained the mobile Trojan J2ME_FAKEBROWS.A. Once on your phone, this digital varmint starts texting like a teenager, except that instead of gossiping with friends, it sends the message “424626 357 OX” to premium numbers. Guess who has to pay the bill?

The website that tricks you into downloading this expensive dialer is in Russian, but don't let that lull you into a false sense of security. If scruples-deficient crooks can do this sort of thing in one language, they can, and will, do it in another.

And there are other variations. J2ME_FAKEBROWS.A infects phones running on Windows Mobile and the Symbian OS. But a similar Trojan, ANDROIDOS_FAKEBROWS.A, targets Android users.

So how do you protect yourself? First of all, be careful about on which websites you download files. If you're an Opera Mini user, do so only from Opera's own site.

And make sure your phone is protected—preferably by the company that discovered this ruse: Trend Micro. Their Mobile Security app, recently named by PC World one of the 100 Best Products of 2011, will protect your Android Smart Phone. And their Titanium Maximum Security will protect your Windows computer, and your Android, Symbian, iOS, and Windows Mobile devices.

Subscribe to the Security Watch Newsletter