New Trojan threatens Windows Mobile devices

The US Emergency Response Team (USCERT) on February 27 has issued a warning about a type of Trojan capable of disabling Microsoft Windows Mobile-based security applications.

This type of malware (malware) attacks Windows Mobile PocketPC devices. McAfee Avert Labs laboratory has found the type of Trojan and named it WinCE / InfoJack. The Trojan sends the serial number of the device, operating system and sensitive information on the system that infects the Trojan creator.

According to the researchers, some features of WinCE / InfoJack show that they are dangerous malware. USCERT warns that the Trojan can infect through legitimate files, install itself into a self-running program (autorun) on the memory card, or on the device when plugging in an infected memory card. Later, the Trojan infected via Google Maps application, stock trading applications and some types of games.

Picture 1 of New Trojan threatens Windows Mobile devices WinCE / InfoJack protects itself by deleting copies on disk. The Trojan also replaces the device's browser with the malicious site's home page, and allows applications to not install the installation process without warning, helping hackers to run malicious code on the site. Mobile devices.

Meanwhile, Microsoft claims the new Trojan does not exploit any security holes in its products, but instead relies on a mechanism for users to download and accept the installation of unregistered applications. .

Microsoft recommends that users contact the original device installer, and provide relevant information about their device.