SymbOS.Pbstealer.D
Last update:  26-01-06 Submitted by ahbao
Views: 1005 Home Security


SymbOS.Pbstealer.D is a Trojan horse that runs on the Symbian OS, which is used as the operating system for Nokia Series 60 cellular telephones. The Trojan sends the user's contact information database, Notepad, and Calendar To Do list to other Bluetooth-enabled devices.

It has been reported that the Trojan arrives on the compromised device as the following files:

  • ChattingYuk.SIS
  • PBCompressor.SIS

If the user opens this .sis file, the device Installer displays a dialog box to warn the user that the application may be coming from an untrusted source and may cause potential problems.

Technical details

When SymbOS.Pbstealer.D is executed, it performs the following actions:

  1. Displays one of the following messages, depending on the threat version:

    Message 1:
    Install
    MyProfile

    Message 2:
    Install
    PBCompressor
  2. Displays the following message if the user installs the file:

    Compacting
    your contact(s), step2

    Please wait again
    until done...
  3. Installs itself as the following files:

    C:\system\Mail\00110001_S\pbcompressor.app
    C:\system\Mail\00110001_S\pbcompressor.rsc
  4. Copies the contents of the user's contact information database, Notepad, and Calendar To Do list to the following file:

    C:\SYSTEM\MAIL\PHONEBOOK.TXT
  5. Scans for Bluetooth-enabled devices. It repeatedly attempts to send the file C:\SYSTEM\MAIL\PHONEBOOK.TXT to the first Bluetooth-enabled device it finds.
  6. Stops trying to send the above file via Bluetooth after one minute and displays the following message:

    Compacting your contact(s), step2
    Done!!!

    Note: The Trojan appears to contain some bugs, and it may crash and stop running.
  7. One of the following files is created by the Installer, not the threat:

    \system\install\ChattingYuk.SIS
    \system\install\PBCompressor.SIS
  8. Deletes the above files and also deletes the Installer and the Install Stub left in the C:\System\Apps\Install directory to hide its tracks after the user has selected "Done, press OK to exit" (after the threat has stolen and sent the Phonebook details).

Removal Instructions

  1. Install a file manager program on the device.
  2. Enable the option to view the files in the system folder.
  3. Navigate to and delete the following malicious files:

    C:\system\Mail\00110001_S\pbcompressor.app
    C:\system\Mail\00110001_S\pbcompressor.rsc
    C:\SYSTEM\MAIL\PHONEBOOK.TXT
    \System\Install\ChattingYuk.sis
    \System\Install\PBCompressor.sis
    ChattingYuk.SIS
    PBCompressor.SIS
  4. Exit the file manager.

 Lastest News in this category

AhnLab exports a vaccine for mobile phones overseas for the first time
AhnLab recently entered into an agreement for OEM (original equipment manufacturing) supply of its security product 'AhnLab Mobile Security' to Tai...

Kaspersky Mobile Security 7.0 will Catch Phone Thief Now
Kaspersky Lab announced the release of a new product for the integrated protection of smartphones running Symbian and Windows Mobile. Kaspersky Mob...

McAfee Research Reveals Majority of Consumers Concerned Over Mobile Safety
McAfee announced findings from new research that reveals that almost three out of four mobile consumers (72%) are concerned about the security of t...

SMobile Announces Solution for Beselo Worm Virus
SMobile Systems announced that it has prepared and tested a mobile anti-virus update and disinfection tool for its Security Shield platform to help...

F-Secure and Sony Ericsson partner to deliver Mobile Security for UIQ
F-Secure Corporation is today announcing the availability of its Mobile Security product for the UIQ platform. F-Secure and Sony Ericsson are partn...



 Free Mobile Phone Wallpaper

vfdu_1391
dppc_427
jun_natsukawa_44
iPhone_Wallpapers-fd0043


Recommend: SlashGear / Instinct Phone cases / iPhone 3G cases / iPod touch 2G / MY iTablet / PHONE Magazine / Android Community Store
Samsung Instinct Accessories / BlackBerry Touch / Storm Accessories / T-Mobile G1 / G1 Cases /iPhone 3G Accessories
iPod Touch Store / Apple-Touch.com / Pearl Flip / iPhone Buzz / Everything Dream / Macbook touch / Treo Pro / Palm Treo Pro
Android Community / Dream Accessories / Dream Cases / Touch Diamond Cases / Touch Diamond Accessories / XPERIA Accessories / The G1 Accessories / HTC Touch pro / Touch Diamond / Verizon Storm / HTC Diamond / HTC Dream / BlackBerry Bold / BlackBerry Bold Accessories / BlackBerry Bold cases / BlackBerry 9530 Storm / BlackBerry Bold Accessories / BlackBerry Thunder Accessories / Samsung Pixon / Bold Cases / Dare Accessories / Thunder Accessories / Thunder Cases / Android Market
Treo Pro Accessories / Treo Pro Cases / Treo Pro Store / Sprint Diamond Accessories / Sprint Diamond Cases / Touch HD
SlashGear.TV / the Instinct Phone / LG Dare Accessories / LG Dare Cases / iPod nano 4G / HTC Touch HD / iPhone 3G Accessories / iPhone 3G Cases / iPhone nano Accessories / Android Countdown / Google Chrome Browser / BlackBerry Pearl 8220 / BlackBerry 9530 / G1 Accessories / HTC G1 / G1 Accessories
Logos & trademarks in this site are property of their respective owner(s). The comments are property of their posters, the rest © SlashPhone.
Privacy Policy | Terms of Use | Got Suggestions?: SlashPhone Tipline / SlashPhone Editor / Vincent Nguyen
Designed and Developed by Ewdison Then. SlashPhone is part of R3 Media, Blogging Life and Powered by Madserve.com.