Symbian malware creating mobile botnet researchers claim

Mobile security firm NetQin are claiming to have found malware spreading via Symbian Series 60 handsets which is being used to build a mobile botnet.

The company has identified three piece of malware, which masquerade as mobile games or special offers, which infect versions three and five of the Series 60 Symbian platform. NetQin estimates 100,000 handsets have been infected and could be used to form a mobile botnet similar to those seen in the PC world.

“Our team found that these botnets do one of two things; send messages to all the contacts of the address book directly, or send messages to the random phone numbers by connecting to a server,” said the company in a blog posting.

“The viruses will delete the sent messages from the user’s Outbox and SMS log. All messages contain URLs linked to malicious sites that users won’t be able to see until after they’ve fallen into the virus trap.”

However, in an email exchange with V3.co.uk the Symbian Foundation said that there was no evidence that the malware was using handsets in a botnet and that users could protect themselves without the need for security software, since it had already rescinded the software's certification.

“We respond to reported malware by revoking the Symbian Signed certificates used to sign it. As far as we can tell, the certificates used in this case were revoked some months ago,” said a spokesman.

“Users who are concerned about malware should turn on revocation checking on their phones.”

He also pointed out that NetQin had not contacted them about the malware and that, in the opinion of the Foundation, the threat was “very minor.”