Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Avert Labs snags PoC mobile spyware

Researchers from McAfee Avert Labs claim to have discovered proof of concept (PoC) spyware for mobile devices.

The firm discovered a variation of MultiDropper.CG, a familiar PoC malware, containing SymbOS/Mobispy, a Symbian-based trojan targeting Nokia Series 60 devices.

The trojan's author did not create the malware from scratch, according to an Avert Labs blog post by Jimmy Shah. Instead, the malicious user built Flexispy into the malware-dropper.

The malware installs on a mobile phone, recording all incoming and outgoing SMS messages and phone numbers. It then bounces that information back to an account on a central server.

Malware and spyware both targeting mobile devices is worrisome, said Shah.

"Considering that data-stealing and other for-profit malware have made their entrance on mobile phones, it is worrisome to see spyware make its debut. Around eight months ago, a commercial remote phone monitoring application was released. There was much speculation on how much time it would take for malware authors to integrate it into their own malware," he said. "We have seen malware authors create custom prototype code to implement new attacks, but it is interesting to see them purchase commercial spyware to do their job for them."

Click here to email Frank Washkuch Jr.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.