A new Trojan horse aimed at smart phones using Symbian operating system galloped in earlier this week, just in time to spoil the holiday season for uninformed wireless gamers.
The malware, MetalGear.a, which masquerades as a Symbian version of the Metal Gear Solid game, disables antivirus programs and also installs a version of the Cabir worm identified earlier this year, according to SimWorks International, which issued an alert this week.
The Cabir worm, in turn, attempts to spread a second Trojan program, called SEXXXY, to nearby phones through the Bluetooth short-range wireless protocol.
"This is a new strand of smart phone malware because it actually consists of three pieces: two Trojans and a worm," says Aaron Davidson, chief executive officer of SimWorks, in a telephone interview from the company's headquarters in Auckland. "It also shows how viruses writers are getting more sophisticated."
To infect their phones, users must open and install the fake Metal Gear game, according to Davidson. "There are plenty of Web sites offering cracked versions of games," he says. "These sites are used not only by people seeking free software but also by virus writers."
Similar to the Skulls Trojan detected last month, the MetalGear Trojan uses the same icon-disabling technique to disable antivirus and other applications.
The Trojan also installs a version of the Cabir worm, which seeks to spread itself by sending a file called SEXXXY.sis to any Bluetooth-enabled phones in the vicinity, SimWork says. If users accept and install this file, it disables the Symbian application button on their phones.
In particular, if users install the MetalGear Trojan program, they will have difficulty repairing their phones because the program effectively disables all tools on the phone necessary to undo the damage, Davidson says.
The MetalGear and SEXXXY Trojan programs are included in a program, called Metal Gear.sis.
Antivirus software from SimWorks has been updated to provide protection from both Trojan programs, Davidson says.
So far, Trojan horses, worms, and viruses aimed at smart phones have failed to spread rampantly: Their propagation has been hindered by the need for users to accept and install programs.