The first malware to exploit the Symbian S60 3rd Edition platform has been identified, according to security firm F-Secure, which says the code is a Trojan in the wild that may be used for spam among other purposes.
Trojan SymbOS/Yxe.A is still undergoing analysis, but it appears to use encryption and may be designed for spam SMS messages, as well as enabling downloads, says Patrik Runald, F-Secure’s chief security officer. “This is the first malware for the Symbian S60 3rd Edition phones” he says. “It’s definitely in the wild, and probably originated in China, where it’s infecting phones.”
SymbOS/Yxe.A attempts to use social-engineering ploys, like portraying itself as a game application or using sex images as a lure. Runald points out that victims are being fooled into installing it manually.
Runald says the Symbian S60 3rd Edition platform requires application developers to use a registered signing key for applications to be able to run, so the appearance of SymbOS/Yxe.A raises the question of whether someone stole a Symbian-issued certificate to create malware that would run on the platform. “For the application to run, it has to be signed,” Runald said.