Windows Mobile trojan on the loose

While there have been a number of proof of concept Windows Mobile malware, it looks like a genuine trojan is now loose in the Windows Mobile world. According to McAfee:

WinCE/InfoJack sends the infected device’s serial number, operating system and other information to the author of the trojan. It also leaves the infected mobile device vulnerable by allowing silent installation of malware. The trojan modifies the infected device’s security setting to allow unsigned applications to be installed without a warning.

When installed, WinCE/InfoJack sets itself up as an autorun program on memory cards (allowing it to install on any device that used the card) and protects itself from deletion by copying itself back to disk. It also replaces the browser’s home page and allows unsigned applications to install without warning.

The trojan originated in China and is part of a downloadable software package that included games, stock trading application and Google Maps. The site where the package could be downloaded is now shut down but the developer claimed that the malware was used simply to collect information on the types of mobile devices accessing the site.

Now that Windows Mobile malware is a reality, will you be installing anti-malware software on your device?

Read more about this story