Jump to content

Windows CE Trojan out in the wild, say researchers


Recommended Posts

US-CERT is warning of a Trojan that puts the users of Microsoft's mobile operating system at risk for data disclosure.

Known as the WinCE/InfoJack Trojan, it will hijack the device serial number, disable the operating system's security functions, then install programs and upload user data to the attacker's Web site.

The virus was first discovered in China. It is packed within legitimate installation files, and comes with a group of applications including Google maps, stock trading applications and games, according to McAfee.

"WinCE/InfoJack was created by a specific website. The website may have hired someone to create the trojan and distribute it to other sites," researcher Jimmy Shah said. "The maintainer of the website claims that the software was just necessary to collect information on the types of mobiles used to access their site."

The Trojan can install itself as an autorun program on the memory card, which in turn can spread simply by installing the infected card on another device. It also replaces the browser's homepage, and allows unsigned applications to be installed without warning.

Attempts at deleting it will only bring the Trojan back, as it copies itself back to disk.

Researchers say the application also had a feature where it would have been auto-updateable allowing additional malware to be installed. However, this website has apparently been taken down, as McAfee said local law enforcement has launched an investigation into the Trojan.

source: betanews.com

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...