McAfee has issued a security alert for a trojan horse program called J2ME/RedBrowser.a that targets the Blackberry 8700c, Nokia 6681 and the Sony Ericsson W800i. The virus arrives in a program called redbrowser.jar and must be installed by the user to infect the device. The risk assessment of this threat is categorized as Low-Profiled by McAfee.
The trojan pretends to access WAP web pages via SMS messages. In reality instead of retrieving WAP pages, it sends SMS messages to Premium Rate numbers thus costing the user more than intended.
In order to delete the trojan users should use current engine and DAT files for detection, then delete any file which contains the detection.
Symtoms of the virus are as follows:
Upon startup the following text(translated from Russian) is displayed:
"Carefully read following description of RedBrowser program This program allows viewing WAP pages without GPRS connection.
RedBrowser connects to SMS server of your operator (MTS, BEELINE, MEGAFON).
Page is loaded by receiving encoded SMS. First 5Mb (650 SMS) of traffic are provided free of charge in test mode. ATTENTION!!! Program RedBrowser works ONLY on above mentioned cellular operators."
The trojan pretends to access WAP web pages via SMS messages. In reality instead of retrieving WAP pages, it sends SMS messages to Premium Rate numbers thus costing the user more than intended.
In order to delete the trojan users should use current engine and DAT files for detection, then delete any file which contains the detection.
Symtoms of the virus are as follows:
Upon startup the following text(translated from Russian) is displayed:
"Carefully read following description of RedBrowser program This program allows viewing WAP pages without GPRS connection.
RedBrowser connects to SMS server of your operator (MTS, BEELINE, MEGAFON).
Page is loaded by receiving encoded SMS. First 5Mb (650 SMS) of traffic are provided free of charge in test mode. ATTENTION!!! Program RedBrowser works ONLY on above mentioned cellular operators."