SMS offers a date with destiny you don't want
23 Jun 2006
People are being conned into downloading a Trojan bot by text message according to security firm Websense Security Labs.
The company has received reports of people receiving a text message on their mobile phone, thanking them for subscribing to a fictitious dating service.
The message states that the subscription fee of $2 per day will be automatically charged to their mobile phone bill until their subscription is cancelled at the online site.
The same message is also being spammed to the comments section of numerous message boards.
Users who visit the site to unsubscribe from the service are prompted to download a variant of the Dumador Trojan bot.
The original Dumador.BC is a backdoor Trojan that allows the computer to be remotely controlled, as it opens two TCP ports and receives remote commands by making GET requests to two different web addresses.
It also logs certain information in a file, and prevents users from accessing several websites, mainly belonging to anti-virus companies.
The site does not attempt to exploit any vulnerabilities; instead, the attacker provides instructions to the user on how to bypass the Internet Explorer security warning prompt.
"We're seeing the next evolution of blended threats exploiting a new attack vector - SMS over a mobile phone. There has been much talk of security risks associated with mobiles for years and they are now becoming reality," said Mark Murtagh, technical services director for Websense.
"As mobiles have become an essential part of our everyday lives, they are an extremely attractive lure for criminals who want to exploit their huge user base.
"The concern of a $2 a day charge is enough to make even the least PC-savvy person take action to ensure they have 'unsubscribed' - and thus, unwittingly get tricked into downloading malicious code.
"Using a web security solution is the first line of defence, but this particular incident shows just how difficult it is to prevent such a sophisticated socially engineered attack using both the mobile network and the web," he added.
The latest home computing news
The best PC tools, applications and more
Independent opinions on new hardware and software
Easy-to-follow projects with pictures
Solve PC problems with our Q&A
PC projects demonstrated and product reviews
An in-depth look at how to get the best from your PC
What's coming up in Computeractive
Get help with your PC problems from our readers
Your chance to win computing prizes
Great deals on products, services and more
NEW!
Computeractive CD Rom 11
All 26 issues of Computeractive from 2008 on one CD-Rom.
Ultimate
Guide to Disc Burning
Everything you need to know about creating your own discs.
Create
your own Calendars
The fun and easy way to create your own calendars!
Computeractive
Back Issues
Missed an issue? Click here to find a back issue
Keeping an eye on the latest XP and Vista news
One of the major changes in Outlook 2007 had nothing to do with the Ribbon but that Word was used to display...
> More from the Windows Watch blog
Your daily dose of download discussion
Keeping certain files backed up helps to keep items safe in case anything disastrous happens to your computer, but although most of...
Computeractive is not reponsible for content of Google adverts
Reader comments