Malware descriptions

Trojan for handsets which run Java applications

We’ve just received a new sample – a program called RedBrowser, a Trojan for mobile phones which can run Java applications (JME2). This means that it’s not just smartphones that are potentially infectable, but most modern handsets.

It presents itself as a program which will allow the user to visit WAP sites without a WAP connection. However, the Trojan actually sends SMSs, not to other users, but to premium rate numbers. The user gets charged $5 – $6 for each sms sent.

Happily, this Trojan can be easily deinstalled by the user using standard tools.

Although this is the first sample we’ve seen, there are probably other similar programs out there in the wild. It’s a sign that virus writers are widening their reach, and no longer only targeting smart phones.

Trojan for handsets which run Java applications

Your email address will not be published.

 

Reports

Andariel deploys DTrack and Maui ransomware

Earlier, the CISA published an alert related to a Stairwell report, “Maui Ransomware.” Our data should openly help solidify the attribution of the Maui ransomware incident to the Korean-speaking APT Andariel, also known as Silent Chollima and Stonefly.

APT trends report Q2 2022

This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q2 2022.

Subscribe to our weekly e-mails

The hottest research right in your inbox