WINCE_INFOJACK.A |
|
| BugsAlert Home > WINCE_INFOJACK.A | |
|
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.
Malware Overview This worm is designed to run in the Windows CE environment used in mobile devices. It drops file(s)/component(s). It creates registry key(s)/entry(ies). It connects Web sites to send and receive information. When an affected mobile device is connected to the Internet, this worm steals system information and sends the gathered them to a home server. It accesses Web site(s) to download files. It also downloads an updated copy of itself from a certain Web site. However, as of this writing, the said URL is inaccessible. This worm randomly alters the security settings on the affected mobile. This causes all software installations to complete without giving any safety precaution. It may also send SMS from the compromised device to randomly selected contacts. It drops copies of itself on memory cards inserted in an affected device. Original Source: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WINCE_INFOJACK.A Learn more about WINCE_INFOJACK.A |
|
| Tags: wince infojack.a | |
Related Items |
|
|
FrSIRT - Microsoft Windows Speech API Remote Code Execution (MS08-032)
|
|
|
FrSIRT - GNU ed "strip_escapes()" Function Buffer Overflow Vulnerability
|
|
|
CVE-2008-5719 (groupmax_web_workflow_sdk_set_for_active_server_pages, groupmax_workflow_to_devel...)
|
|
|
RedHat: Critical: java-1.6.0-sun security update
|
|
|
Session_name issue
|
|
|
Portrait: Metasploit godfather H.D. Moore
|
|
|
MS08-033 ? Critical: Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)
|
|
