News

Windows CE Trojan out in the wild, say researchers

By Ed Oswald | Published February 27, 2008, 1:23 PM

US-CERT is warning of a Trojan that puts the users of Microsoft's mobile operating system at risk for data disclosure.

Known as the WinCE/InfoJack Trojan, it will hijack the device serial number, disable the operating system's security functions, then install programs and upload user data to the attacker's Web site.

The virus was first discovered in China. It is packed within legitimate installation files, and comes with a group of applications including Google maps, stock trading applications and games, according to McAfee.

"WinCE/InfoJack was created by a specific website. The website may have hired someone to create the trojan and distribute it to other sites," researcher Jimmy Shah said. "The maintainer of the website claims that the software was just necessary to collect information on the types of mobiles used to access their site."

The Trojan can install itself as an autorun program on the memory card, which in turn can spread simply by installing the infected card on another device. It also replaces the browser's homepage, and allows unsigned applications to be installed without warning.

Attempts at deleting it will only bring the Trojan back, as it copies itself back to disk.

Researchers say the application also had a feature where it would have been auto-updateable allowing additional malware to be installed. However, this website has apparently been taken down, as McAfee said local law enforcement has launched an investigation into the Trojan.

Comments

View comments by with a score of at least

Galway
Feb 28, 2008 - 1:53 PM

"US-CERT is warning of a Trojan..."
"The virus was first discovered in China."

Is is a trojan or a virus ?

So basically ... Its a modified malicously crafted package the user has to download and install before it can do its stuff. Its sourced from a dodgy website, hosted by hackers that has since been taken down for their ilegal activities.

And hes me thinking it was somthing I should worry about.
"Windows CE Trojan out in the wild, say researchers"

Score: 0

|
Post Reply
yourcat
Feb 27, 2008 - 2:54 PM

This is why I use linux. Not enough people use it to make it a worthwhile target for these things.

Score: 0

|
Post Reply
skimore
Feb 27, 2008 - 3:18 PM

linux phone??

Score: 0

|
Post Reply
Tenoq
Feb 27, 2008 - 6:02 PM

Yeah, they have one of those.

Score: 0

|
Post Reply
daq
Feb 28, 2008 - 12:06 PM

There's actually quite a few. Google it.

Score: 0

|
Post Reply
mjm01010101
Feb 28, 2008 - 1:23 PM

Look into hosted linux boxes getting pwn3d. It happens.

Score: 0

|
Post Reply
morriscox
Feb 28, 2008 - 6:16 PM

Research before doing claims. I've had a Linux system (Slackware) hijacked.

Score: 0

|
Post Reply
skimore
Feb 27, 2008 - 2:04 PM

Google Maps.. Oh great!! This will help sell AV for phones..

Score: 0

|
Post Reply
Tenoq
Feb 27, 2008 - 6:03 PM

God no - mobile phones OSes are slow enough as it is.

Score: 0

|
Post Reply

Microsoft's Ray Ozzie: 'Nobody's going to be 100% open'

The mobile apps ecosystems of the world may converge over time, led by apps being ported over across platforms, according to the Chief Software Architect.

Will Firefox beat IE9 to Direct2D rendering?

Just days after Microsoft executives gave conference attendees a peek at a new rendering technology, a Mozilla contributor revealed he's working on the same thing.

Where there's smoke: Apple warranty stance raises troubling questions

Carmi Levy | Wide Angle Zoom: Smoking can be dangerous not only for your lungs, it appears, but for your Apple hardware warranty.

AOL's decision to rebrand as Aol. takes a bad brand and makes it worse

The idea behind the social Web is to crowd source before bringing out something new. But not at AOL, which new logo debuted with a cry of "fail!" across the blogosphere and Twittersphere today.

Microsoft 'worked with Apple' for Silverlight on iPhone, says Goldfarb

By not making such a big deal out of trying to stream video to the iPhone, Microsoft got a big deal out of it, revealed the Silverlight product manager.

Clicker.com cuts through the Web video chaos

In a world where homemade video and Hollywood movies travel the same pipeline, it's good to have a real search engine to cut through the clutter.

A case study in improving software: What Office 2010 can learn from Notion 3

A music composition product gambles with a complete overhaul, in an effort to make headway against two well-known competitors in a tough market.

Kindle 2 update adds battery life, native PDF reader

Amazon has pushed out an update to the Kindle 2 e-reader that lengthens battery life and adds a native PDF viewer.

Safari on iPhone gets competition from a $1 browser app

Apple likes to say it gives iPhone users a full browsing experience, but a new competitor tries to incorporate more desktop browser features.

Action Replay maker sues Microsoft for Xbox 360 'predatory technological barriers'

Third-party video game accessory maker Datel has filed an antitrust lawsuit against Microsoft over the Xbox 360's recent Dashboard update.

Microsoft's Bob Muglia and Ray Ozzie on Silverlight vs. standards

Bob Muglia: "We're trying to provide people with an environment that has capabilities that you just simply can't do today in the standards-based world."