Malware descriptions

New Worm.SymbOS.Lasco.a

Analysis of the new virus mentioned in the previous posting showed that it’s a SymbianOS worm, based on Cabir source code, that spreads itself via BlueTooth. It also has a file infection functionality.

Upon execution, the virus searches for nearby BlueTooth devices (those which are in discoverable mode) and tries to transmit itself to any accessible ones. It also initiates a drive-wide scan for SIS-files and tries to infect them by inserting virus code directly into an SIS archive.

We’ve called this virus Worm.SymbOS.Lasco.a. An antivirus database update is already available.

A detailed description of the virus will be available in the Virus Encyclopedia in the near future.

UPDATE: the description of Lasco.a is now online.

New Worm.SymbOS.Lasco.a

Your email address will not be published. Required fields are marked *

 

Reports

APT trends report Q3 2024

The report features the most significant developments relating to APT groups in Q3 2024, including hacktivist activity, new APT tools and campaigns.

Subscribe to our weekly e-mails

The hottest research right in your inbox