March 1, 2006 From Russia without love – Trojan targets basic Java phones
Ne’er-do-wells have created a Trojan that can infect mobiles phones running Java applications. RedBrowser-A infects not only smart phones, but any mobile phone capable of running Java (J2ME) applications, according to Russian anti-virus firm Kaspersky Lab.
The mobile malware poses as a program called RedBrowser that supposedly allows surfers to visit WAP sites without using a WAP connection. According to the blurb, this access is possible by sending and receiving free SMS messages. In reality, the Trojan sends text messages to premium rate numbers, costing users between $5 and $6 per SMS.
The Trojan is a Java application in the form of a JAR format archive, sometimes called “redbrowser.jar” that’s 54,482 bytes in size. It can be downloaded to the victim handset either after downloading it onto a PC and subsequently transferring it onto a handset, or downloading it directly from a WAP site. Fortunately, however you get it, the malware is easily removed from the victim handset using standard utilities already installed on the telephone.