Windows and Outlook search annoying you? Be in to win one of ten Lookeen Desktop Search licenses now

Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
First backdoor trojan found for Windows Mobile Pocket PC
Posted on 6-Aug-2004 14:17. | Tags Filed under: News.


First backdoor trojan found for Windows Mobile Pocket PC
Not long after the first proof-of-concept Pocket PC virus was found, a real trojan program is being distributed, targeting this platform. Brador.a (or WinCE.Brador.a as defined by Symantec) is a backdoor (a utility allowing for remote administration of the infected machine) for Windows Mobile Pocket PC. It is written in ASM for ARM-processors and is 5632 bytes in size.

Brador is created to allow the master full control over the infected PDA via the port that the Trojan opens. Brador is programmed to upload and download files and execute a series of further commands. Like all backdoors, Brador cannot spread by itself: it can only arrive as an email attachment, be downloaded from the Internet or uploaded along with other data from a desktop.

After Brador is launched in creates an svchost.exe file in the /Windows/StartUp/ folder, thus gaining full control over the handheld every time it is restarted (soft reset). The program then identifies the IP address of the infected handheld and sends it to the virus coder to inform him that the handheld is connected to the Internet and that the backdoor is active. Brador then opens port 2989 and awaits further orders.

The backdoor responds to the following commands:

  • d - lists the directory contents
  • f - closes the session
  • g - uploads a file
  • m - displays MessageBox
  • p - downloads a file
  • r - executes a specified command

    Symantec reports this trojan here and Kasperski is reporting it here.






  • comments powered by Disqus


    Trending now »

    Hot discussions in our forums right now:

    What would you do if you got this text?
    Created by kiwifidget, last reply by kiwifidget on 11-Feb-2016 21:12 (22 replies)
    Pages... 2


    Gravitational waves observed for the first time, proving Albert Einstein right 100 years on.
    Created by tehgerbil, last reply by joker97 on 13-Feb-2016 09:03 (35 replies)
    Pages... 2 3


    Netflix Crackdown - have you been affected?
    Created by Paul1977, last reply by LazyDr on 13-Feb-2016 11:09 (367 replies)
    Pages... 23 24 25


    Pretty serious security flaw with online bills
    Created by dclegg, last reply by BarTender on 12-Feb-2016 20:08 (31 replies)
    Pages... 2 3


    Whats something small that really annoys you?
    Created by Finch, last reply by alasta on 12-Feb-2016 19:55 (477 replies)
    Pages... 30 31 32


    Replacement genuine Laptop batts becoming unavailable in NZ ?
    Created by 1101, last reply by 1101 on 12-Feb-2016 16:29 (15 replies)

    Sex toys and Waitangi Day - Whats your take on the flip flopping day.
    Created by Mspec, last reply by pctek on 12-Feb-2016 16:47 (114 replies)
    Pages... 6 7 8


    How do you keep your Windows install clean and nice?
    Created by mdf, last reply by nathan on 11-Feb-2016 13:31 (12 replies)