The Latest in IT Security

Mobile malware to steal photos from your phone

16
Aug
2011

A good deal of this year’s mobile malware was developed in China. And Chinese mobile malware tends to include stuff such as backdoors, password stealers and spy tools.

Knowing that Chinese malware likes to spy, we’ve been keeping an eye out for various functions, such as photo scraping. Stealing photos from a phone could be used for harassment and blackmailing.

We didn’t have to look for long. A member our Threat Response team just found something interesting in a Symbian malware sample.

photo

Here are our analyst’s notes:

The code of Trojan:SymbOS/Spinilog.A (md5: b346043b4efb1e9834a87dce44d6d433) includes a class named CMyCameraEngine which inherits and implements the Symbian class MCameraObserver. This enables the trojan to receive control when an image has been captured with the camera. Spinilog.A then encodes the raw bitmap to a JPG, which it saves to the phone’s memory. This feature seems to still be unused and possibly incomplete as the constructor of the CMyCameraEngine class is not called in the code. Other data stolen by the trojan is more traditional such as the content and details of SMS and e-mail messages, phone call details and calendar and contact information.

So while this particular backdoor won’t yet steal your photos, it’s clear which direction we’re headed to.

Leave a reply


Categories

THURSDAY, OCTOBER 29, 2020
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments