Especially on F-Secure

Mar 23, 2005 23:43 GMT

Malicious code authors have created a Trojan-type worm that attacks smart phones running the Symbian operating system. If the code is installed successfully, the Trojan will try to scan the system and eliminate all anti-virus protection measures.

The Drever-C Trojan specifically attacks anti-virus protection solutions developed by F-Secure, Kaspersky and Simworks.

Deactivating security solutions is a technique used by PC worms; similar cases have only recently been discovered for smart phone operating systems.

Drever-C is a SIS Trojan that attacks files from the boot sector of the system and then tries to overwrite specific F-Secure Mobile Anti-Virus files.

Besides attempting to overwrite the files mentioned above, Drever.C will try to replace binary components of F-Secure Mobile Anti-Virus with corrupt ones.

Still, because this security solution is protected against this kind of attack, all attempts will fail as long as the software is active and set to real-time scanning. If the solution is inactive or has been set to manual scanning mode, the attacks will succeed; users can then restore their security level by reinstalling the anti-virus.

The Trojan's authors also left a message for F-Secure, contained in the code of the worm: "FSECURE MUST DIE!!!!!! Please, don't make new antiviruses for my viruses and I stop make viruses for your antiviruses. My target is Simworks! =)".

The worm's spreading rate is very low, and the possibility of infection only increases if the user downloads software from dubious, unknown sources.