SMS offers a date with destiny you don't want
23 Jun 2006
People are being conned into downloading a Trojan bot by text message according to security firm Websense Security Labs.
The company has received reports of people receiving a text message on their mobile phone, thanking them for subscribing to a fictitious dating service.
The message states that the subscription fee of $2 per day will be automatically charged to their mobile phone bill until their subscription is cancelled at the online site.
The same message is also being spammed to the comments section of numerous message boards.
Users who visit the site to unsubscribe from the service are prompted to download a variant of the Dumador Trojan bot.
The original Dumador.BC is a backdoor Trojan that allows the computer to be remotely controlled, as it opens two TCP ports and receives remote commands by making GET requests to two different web addresses.
It also logs certain information in a file, and prevents users from accessing several websites, mainly belonging to anti-virus companies.
The site does not attempt to exploit any vulnerabilities; instead, the attacker provides instructions to the user on how to bypass the Internet Explorer security warning prompt.
"We're seeing the next evolution of blended threats exploiting a new attack vector - SMS over a mobile phone. There has been much talk of security risks associated with mobiles for years and they are now becoming reality," said Mark Murtagh, technical services director for Websense.
"As mobiles have become an essential part of our everyday lives, they are an extremely attractive lure for criminals who want to exploit their huge user base.
"The concern of a $2 a day charge is enough to make even the least PC-savvy person take action to ensure they have 'unsubscribed' - and thus, unwittingly get tricked into downloading malicious code.
"Using a web security solution is the first line of defence, but this particular incident shows just how difficult it is to prevent such a sophisticated socially engineered attack using both the mobile network and the web," he added.
The latest home computing news
The best PC tools, applications and more
Independent opinions on new hardware and software
Easy-to-follow projects with pictures
Solve PC problems with our Q&A
PC projects demonstrated and product reviews
An in-depth look at how to get the best from your PC
What's coming up in Computeractive
Get help with your PC problems from our readers
Your chance to win computing prizes
Great deals on products, services and more
Computeractive
Back Issue CD-Rom 11
All 26 issues of Computeractive from 2008 on one CD-Rom.
Ultimate
Guide to Free Computing
Find out how you can get free software, services and more!
Create
your own Calendars
The fun and easy way to create your own calendars!
Computeractive
Back Issues
Missed an issue? Click here to find a back issue
Keeping an eye on the latest XP and Vista news
We all want to save money at the moment, and computers can certainly get expensive. Hardware is always going to cost money...
> More from the Windows Watch blog
Your daily dose of download discussion
With laptops growing in size and many of us keeping a desktop computer in our bedroom, there's no reason why you couldn't...
Computeractive is not reponsible for content of Google adverts
Reader comments