14 DAY TRIAL // Security researchers from Microsoft warn that credit stealing mobile malware is being spread as an application to generate and send Valentine's Day MMS messages.
Just like holiday e-cards are popular on the Internet, sending holiday-themed multimedia messages is a common practice among mobile users.
And the trend of trying to hide and deliver malware as e-cards, wallpapers and other downloads, seems to have also reached the mobile world.
"We came across a downloadable file named 'love_mms.rar' that contains a JAR installer named 'jimm2010.jar', that we detect as Trojan:Java/Jifake.A, and several pictures with Russian file names related to Valentine’s Day," security researchers from Microsoft's Malware Protection Center warn.
The file is a mobile trojan which steals credit by sending SMS messages to a premium rate number and appears to be targeting subscribers on the Russin mobile network.
The malware runs on any platform that supports Java applications, including Symbian and Windows CE, but it is not the first of its kind.
Back in February 2009, security researchers from Kaspersky Lab discovered a Java mobile trojan that was stealing credit using the same technique. It's origin was suspected to be Indonesian.
More recently, three Android trojans were found doing the same thing, but targeting Russian users exclusively.
The mobile fraud vector is becoming increasingly popular. Tens of Facebook scams direct users to surveys every day in an attempt to subscribe them to premium rate services billed on their mobile phones.
Another example is of a UK fraud gang which used counterfeit credit card details and stolen identity information to sign up for iPhone contracts and then shipped the SIM cards out of the country to be used for automated calls to premium rate numbers.
Mobile users are strongly advised to be cautions about what applications they choose to install on their devices and their source, because the mobile threat landscape is rapidly evolving.