A cracked version of popular Mosquitos game for Symbian based smartphones sends SMS to premium numbers without the owner's knowledge. The first reporting of this behavior was in our forums. Since then Cyrus Peikari, Seth Fogie, Jonathan Read and David Hettel have written a five part article about malware (trojan, worm and virus) for mobile phones, including a special analysis of this cracked version.
"A dialer Trojan is malware coded to secretly dial phone numbers, leaving the infected victim with a large phone bill. There are two reasons why someone might code and spread a dialer Trojan. The first reason is destructive, perhaps as tool of revenge. The second reason is for financial gain. Simply set up a premium 900 number and charge $5.99 a minute. Then, all the malicious coder needs is a few hundred infected victims to make a decent amount of money."
"The game that the infected users had installed was called Mosquito v2.0. The game is unique in that it uses the phone's built-in camera. The user walks around shooting mosquitoes in a virtual reality–like atmosphere. This game appeared to be a "cracked" version that appeared on the many cell phone warez and p2p networks that plague the Internet underground. It appeared that 87140 was a UK number costing a hefty £1.50 per text message."
"The malicious game uses SMS routines. That makes it one of the first documented Trojans written specifically for cellular phones. At the least, it's the first Symbian-based cellular phone dialer Trojan we've found."
The malware can be identified by the words "Free Version cracked by SODDOM BIN LOADER" inside the program code. This cracked version is available in some P2P networks and other sites that deliver cracked versions of software.
I was told by Kiwi company SimWorks, that they'll be working on an update for their SymWorks Antivirus program for Symbian.