Information about Mosquitos Trojan

Symbian is aware that an illegally adapted or ‘cracked’ game called Mosquitos is being distributed by ‘warez’ websites (illegal software download sites) and on peer-to-peer (P2P) networks.  This game has been illegally adapted from the legitimate Mosquitos game developed by Ojom.

If installed by the user, the illegal game may cause the phone to send text messages to premium rate numbers without the user’s approval or knowledge.

Symbian offers the following summary information and advice:

• The only way a phone can be affected by this problem is by deliberate installation of an illegal copy of the Mosquitos game by the user
• Installation of the game requires the user to ignore an explicit warning that the identity of the application developer is unknown

 

• When the user starts the game, the following information is displayed on the screen, making it clear to the user that the game is an illegal, pirated version:

The cracked Mosquitos game runs only on phones using the Series 60 User Interface platform

• Phones using the UIQ user interface platform (Sony Ericsson, Motorola, BenQ, Arima) or the NTT DoCoMo FOMA platform (Fujitsu) cannot be affected by this problem
• The four premium rate numbers embedded in the cracked game are reported to be for the UK, Germany, the Netherlands and Switzerland only
• We believe that uninstalling and thus deleting the game will completely remove it and prevent any further incidence of unauthorised SMS activity

Symbian's view on the Mosquitos Trojan

The Mosquitos trojan is a clear indication that users need to be aware of the risks of downloading and installing illegal or pirated software.

Symbian takes security issues extremely seriously and works constantly to develop and integrate the most advanced security features for Symbian OS.

Symbian believes that mobile security is the responsibility of the entire industry. It requires co-operation and trust – values the Symbian OS open approach encourages. Symbian provides the required infrastructure for security and works with partners, licensees, network operators and standards bodies to further ensure security needs of the market are met.  No system for security can be guaranteed 100%. However, Symbian has measures in place to minimise the potential for a widespread attack focused on Symbian OS phones.

Symbian has led an industry-wide initiative to develop the Symbian Signed program under which software applications designed for Symbian OS are signed with a tamper-proof digital certificate that validates the identity of the application's developer, thus discouraging the installation of unsigned applications. Symbian anticipates that adoption of Symbian Signed will be widespread and will represent a significant barrier to the distribution of malware.

Questions and Answers about the Mosquitos Trojan and Symbian OS security

Q – What is a trojan?
A – A trojan is malware hidden inside other – apparently innocent – software.

Q – Is this a deliberate attempt to fraudulently charge users?
A – It seems not.  It is reported that the SMS functionality was incorporated in early versions of the game by the legitimate manufacturer as an experimental licensing and copy protection mechanism.  This licensing mechanism is not present in the final commercial version, but the illegal copies are based on an early version and still include the SMS functionality.

Q – How do I know if my phone is affected by this Trojan?
A – If you have downloaded an illegal copy of the Mosquitos game and installed it on your Symbian OS phone, your phone is at risk.

Q – I had the Mosquitos game on my phone, is it safe to carry on using the same removable media card?
A – If the game has been uninstalled and deleted, website reports suggest yes, it is safe.

Q – How can I avoid my phone being affected by this trojan?
A – Your phone can only be affected if you have installed an illegal copy of the Mosquitos game onto your phone.

Q – How can I protect my phone from other types of malware?
A – Mobile phone users can protect their phone from harmful applications by following the simple measures:

• Only download applications and content – preferably Symbian Signed – from trusted sources such as network operator or handset manufacturer web portals
• If your device gives a security warning during installation it means that the content is not Symbian Signed.  If this is the case you should consider carefully whether the application or content has been created by a trustworthy source, particularly if you have received the application or content from another phone via infra-red or Bluetooth® wireless technology.

Q – How is Symbian OS protected from malware?
A – Symbian OS provides a number of elements that make it secure. This includes protection from malware through signature checks and features that enable virus scanners from leading anti-virus vendors.

Q – Open phones means open to viruses, aren't Symbian OS phones susceptible to viruses?
A – An open programming environment can attract both benevolent and (the very small minority of) malicious developers. Symbian OS minimizes the risk of attack by advanced security within the OS itself and the use of application signing schemes (Symbian’s or those of network operators and licensees) and through the use of virus scanners (produced by partners).

Q – What is Symbian doing to prevent viruses or trojans in the future?
A – Symbian takes security issues very seriously and works constantly to develop and integrate the most advanced security features for Symbian OS.  Symbian believes that mobile security is the responsibility of the entire industry. It requires co-operation and trust – values the Symbian OS open approach encourages. Symbian provides the required infrastructure for security and works with partners, licensees, network operators and standards bodies to further ensure security needs of the market are met.  No system for security can be guaranteed 100%. However, Symbian has measures in place to minimize the chance of a widespread attack focused on Symbian OS devices.

Symbian OS provides the following elements in security for protection from malware (viruses, trojans, worms, etc):

• Symbian provides an infrastructure which allows network operators and manufacturers to use application signing (and revocation) for applications which are used on their Symbian devices. This allows the creation of application signing programs which can be used to verify the integrity of applications before allowing their use on the handsets
• Symbian has led an industry-wide initiative to develop the Symbian Signed program under which software applications designed for Symbian OS are signed with a tamper-proof digital certificate that validates the identity of the application's developer, thus discouraging the installation of unsigned applications. Symbian anticipates that adoption of Symbian Signed will be widespread and will represent a significant barrier to the distribution of malware
• Virus scanners through enabling partners – Symantec, F-Secure, McAfee and other major anti-virus technology vendors.