No content since 2004
Feel free to donate
Chris @ MyITforum
Subscribe in a reader
Subscribe to Chris Mosby at myITforum.com by Email
Windows Mobile Trojan InfoJack Posted by JP @ 14:34 GMT | postCount('00001391'); Comment (1) There's been some news this week about a Windows Mobile trojan called InfoJack. Our detection name is Trojan:WinCE/InfoJack.While reverse-engineering this trojan I realized it's a new of can of worms for mobile devices. There have long been malicious downloaders on PCs, but I believe this is the first to be discovered for mobile devices.The website from which this software was downloading additional components is offline. Analyzing this trojan without all of the downloaded parts from its server is a bit like completing a puzzle without all of the pieces. You have to determine the "shape" of the missing pieces by visualizing the empty spaces and by filling in the gaps.So I'm still spending some time reading through the code and there are pieces that raise my interest. One of which you can see in the image below, and nobody else is mentioning as of yet —SMS.If there is more to tell I'll be back with it next week.Happy Weekend,J-P
There's been some news this week about a Windows Mobile trojan called InfoJack. Our detection name is Trojan:WinCE/InfoJack.While reverse-engineering this trojan I realized it's a new of can of worms for mobile devices. There have long been malicious downloaders on PCs, but I believe this is the first to be discovered for mobile devices.The website from which this software was downloading additional components is offline. Analyzing this trojan without all of the downloaded parts from its server is a bit like completing a puzzle without all of the pieces. You have to determine the "shape" of the missing pieces by visualizing the empty spaces and by filling in the gaps.So I'm still spending some time reading through the code and there are pieces that raise my interest. One of which you can see in the image below, and nobody else is mentioning as of yet —SMS.If there is more to tell I'll be back with it next week.Happy Weekend,J-P
Source: Windows Mobile Trojan InfoJack - F-Secure Weblog : News from the Lab
No Comments