#21 (Permalink)
Administrator
Name: Christian
Phone: Nokia N95, FuSi Pocket Loox 720
Carrier: Vodafone
Registered since: 17.04.2006
Location: Erfurt
Posts: 3,243
Motto: S*x is like sport: you play for half an hour, sweat a lot and hope nothing gets in your eye.
Downloads: 309
Uploads: 305
Thanks given: 40
Received 400 thanks for 222 posts
Risk: very low
Type: Worm
Discovered on: 27 July 2005
Also known as: not specified

Information: SymbOS.Cabir.U is a proof-of-concept worm that propagates through Bluetooth-enabled devices. The worm runs on the Symbian OS, which is used as the operating system for Nokia Series 60 cellular telephones.

Technical details: When SymbOS.Cabir.U is executed, it performs the following actions:

1. Creates the following files:
   - \SYSTEM\APPS\qex00r\qex00r.app
   - \SYSTEM\APPS\qex00r\qex00r.RSC
   - \SYSTEM\APPS\qex00r\FLO.MDL
   - C:\SYSTEM\SYMBIANSECUREDATA\QEX00RSECURITYMANAGER\QEX00R.APP
   - C:\SYSTEM\SYMBIANSECUREDATA\QEX00RSECURITYMANAGER\QEX00R.RSC
   - C:\SYSTEM\SYMBIANSECUREDATA\QEX00RSECURITYMANAGER\QEX00R.SIS
   - C:\SYSTEM\RECOGS\FLO.MDL
   - C:\QEX00R.APP
   - C:\QEX00R.RSC
   - C:\FLO.MDL
2. Adds itself to the boot sequence so that it starts when the operating system starts. It then displays the message Jokerr.
3. Attempts to send itself to any Bluetooth-enabled device that it finds.
__________________
read - think - post
#22 (Permalink)
Risk: very low
Type: Worm
Discovered on: 24 October 2005
Also known as:

Information: SymbOS.Cabir.V is a proof-of-concept worm that propagates through Bluetooth-enabled devices. The worm runs on the Symbian OS, which is used as the operating system for Nokia Series 60 cellular telephones.

Technical details: When SymbOS.Cabir.V arrives on the target device, it performs the following actions:

1. Displays a message similar to the following, asking the user to accept a message from a particular device:
   Message: Receive message via Bluetooth from [DEVICE NAME]?
2. Notifies the user that they have received a new message, and displays a message similar to the following:
   Message: Application is untrusted and may have problems. Install only if you trust provider.
3. Prompts the user to install the untrusted application. If the user chooses Yes, they will be prompted to install the worm and the following message will be displayed:
   Message: Install INBOX?
4. Displays the following message and image, if the user chooses Install:
   Message: SPOOKY!!!
5. Creates the following files on the device:
   - \SYSTEM\APPS\SPOOKY\SPOOKY.APP
   - \SYSTEM\APPS\SPOOKY\SPOOKY.MBM
   - \SYSTEM\APPS\SPOOKY\SPOOKY.RSC
   - \SYSTEM\APPS\SPOOKY\EZRECOG.MDL
   - C:\SYSTEM\SCREAMSECUREDATA\SPOOKYSECURITYMANAGER\SPOOKY.APP
   - C:\SYSTEM\SCREAMSECUREDATA\SPOOKYSECURITYMANAGER\SPOOKY.MBM
   - C:\SYSTEM\SCREAMSECUREDATA\SPOOKYSECURITYMANAGER\SPOOKY.RSC
   - C:\SYSTEM\SCREAMSECUREDATA\SPOOKYSECURITYMANAGER\SPOOKY.MDL
   - C:\SYSTEM\INSTALLS\INBOX.SIS
6. Attempts to send itself to other Bluetooth-enabled devices that it finds, regardless of the type of device.
7. Executes every time the device is turned on.
#23 (Permalink)
Risk: very low
Type: Worm
Discovered on: 15 December 2005
Also known as: not specified

Information: SymbOS.Cabir.W is a minor variant of SymbOS.Cabir. This worm also spreads through Bluetooth-enabled devices running the Symbian OS, which is used as the operating system for Nokia Series 60 cellular telephones. The worm arrives on a Bluetooth-enabled device as the file inbox.sis. It may also be dropped by SymbOS.Cardtrp.M as the file Norton Antivirus symbian V1.0.SIS.

Technical details: When the user clicks on the malicious .sis file, the phone installer will display a dialog to warn users that the application may be coming from an untrusted source and may cause potential problems. The installer then displays the following message:
   Install INBOX?

When SymbOS.Cabir.W is executed, it performs the following actions:

1. Creates the following files on the compromised device:
   - C:\system\apps\spooky\spooky.app (A copy of the worm executable file)
   - C:\system\apps\spooky\spooky.rsc (A resource file)
   - C:\system\apps\spooky\spooky.mbm (A bitmap image)
   - C:\system\apps\spooky\navrecog.mdl (A system recognizer)
   - C:\System\RECOGS\NAVRECOG.MDL (A system recognizer)
2. Displays the following text with an image, which is reported to be spooky.mbm:
   Norton Antivirus 2005 protected ID: VLZ-ERC-202U
3. Attempts to send the inbox.sis file to any Bluetooth-enabled device that it finds. The user of that device must confirm the transfer in order for the .sis file to be installed.

Note: The worm executes every time the device is turned on.
#24 (Permalink)
Risk: very low
Type: Worm
Discovered on: 6 July 2006
Also known as: not specified

Information: SymbOS.Cabir.X is a worm that runs on the Symbian OS, which is used as the operating system for Nokia Series 60 cellular telephones. The worm spreads through Bluetooth-enabled devices. The device displays a message similar to the following, asking the user to accept a message from a particular device:
   Receive message via Bluetooth from [device name]?
When a user opens the file, the phone installer will display a dialog to warn users that the application may be coming from an untrusted source and may cause potential problems.

Technical details: When SymbOS.Cabir.X is executed, it performs the following actions:

1. Displays the following message prompting the user to install the threat:
   Install Pinball
2. Drops the following files:
   - [DRIVE LETTER]:\system\apps\pinball\pinball.app (the main component of the worm)
   - [DRIVE LETTER]:\system\apps\pinball\rebeca.mdl
   - [DRIVE LETTER]:\system\apps\pinball\pinball.rsc
3. Launches the worm's main component file, pinball.app, which creates the following files:
   - C:\SYSTEM\LESLIEDATA\LESLIE\LESLIE.APP
   - C:\SYSTEM\LESLIEDATA\LESLIE\LESLIE.RSC
   - C:\SYSTEM\LESLIEDATA\LESLIE\LESLIE.SIS
   - C:\SYSTEM\RECOGS\REBECA.MDL
4. Attempts to send itself to any Bluetooth-enabled device that it finds.