Malware descriptions

New Worm.SymbOS.Lasco.a

Analysis of the new virus mentioned in the previous posting showed that it’s a SymbianOS worm, based on Cabir source code, that spreads itself via BlueTooth. It also has a file infection functionality.

Upon execution, the virus searches for nearby BlueTooth devices (those which are in discoverable mode) and tries to transmit itself to any accessible ones. It also initiates a drive-wide scan for SIS-files and tries to infect them by inserting virus code directly into an SIS archive.

We’ve called this virus Worm.SymbOS.Lasco.a. An antivirus database update is already available.

A detailed description of the virus will be available in the Virus Encyclopedia in the near future.

UPDATE: the description of Lasco.a is now online.

New Worm.SymbOS.Lasco.a

Your email address will not be published. Required fields are marked *

 

Reports

How to catch a wild triangle

How Kaspersky researchers obtained all stages of the Operation Triangulation campaign targeting iPhones and iPads, including zero-day exploits, validators, TriangleDB implant and additional modules.

Subscribe to our weekly e-mails

The hottest research right in your inbox