Windows Mobile Trojan horse found in the wild

Click here to learn
about this Sponsor:

Keywords: Match:

Feb. 26, 2008

McAfee's Avert Labs division is warning users about one of the first "Trojan horse" viruses to afflict Windows Mobile. Dubbed WinCE/Infojack, it allows silent installation of malware, and sends information about an infected device to the Trojan's author, according to the company.

In a posting on the Avert Labs blog, mobile antivirus researcher Jimmy Shah writes that WinCE/Infojack was created by a unnamed Chinese website. It was packed inside legitimate installation files and distributed with Google Maps, applications for stock trading, and the collection of games seen below, according to Shah.

WinCE/Infojack comes with a collection of games (left) and installs itself silently (right)
WinCE/Infojack installs itself like other Windows Mobile applications, though without announcing what it is doing (above right). Once installed, it has a number of features that show its malicious intent, as listed by Shah:

Protecting itself from deletion and copying itself back to disk
Replacing Internet Explorer's home page
Allowing unsigned applications to install without warning
Installing as an Autorun program on a memory card, if available
Installing itself on subsequent devices into which that infected memory card is inserted

The Trojan sends the infected device's serial number, operating system, and other information to the author of the trojan. It also modifies the infected device's security setting to allow unsigned applications to be installed without a warning, says Shah.

Further information

Avert Labs provided no information on whether detection of WinCE/Infojack would be added to antivirus software for Windows Mobile. However, the website that distributed WinCE/Infojack is no longer online, "due in part to an investigation by local law enforcement," Shah writes.

To read Shah's complete posting, see the McAfee Avert Labs blog, here.

Related stories:

(Click here for further information)

7 Advantages of D2D Backup
For decades, tape has been the backup medium of choice. But, now, disk-to-disk (D2D) backup is gaining in favor. Learn why you should make the move in this whitepaper.

4 Legal Reasons to Control Internet Access
The Internet is obviously a valuable resource for many organizations. However, many are exposed to legal liability concerns because they fail to control Internet access. Learn if you're safe in this white paper.

Rapidly Resolve J2EE Application Problems
Whether you are in the process of building J2EE applications or have J2EE applications already running in production, you must ensure that they deliver the expected ROI. Learn how in this white paper.

Load Testing 2.0 for Web 2.0
There are many unknowns in stress testing Web 2.0 applications. Find out how to test the performance of Web 2.0 in this white paper.

Build Better Games Online
For the game infrastructure providers, life is complex. Making money from games has become more complicated. Why? Find out in this white paper.

Building a Virtual Infrastructure from Servers to Storage
This white paper discusses the virtual storage solutions that reduce cost, increase storage utilization, and address the challenges of backing up and restoring Server environments.

Gaining Faster Wireless Connections with WiMAX
Welcome to what is quickly becoming the hyperconnected world where anything that would benefit from being connected to the network will be connected. Learn more in this white paper.

Is Your Desktop a Security Threat?
The new wave of sophisticated crimeware not only targets specific companies, but also targets desktops and laptops as backdoor entryways into those business’ operations and resources. Learn how to stay safe in this white paper.

Increasing SAN Reliability by 100 Percent
Storage area networks (SAN) are a strong part of storage plans. Learn how to increase your reliability and uptime by 100 percent in this case study.

Got a HOT tip? please tell us!

Click here for a profile of each sponsor:

PLATINUM SPONSORS
<a href="http://ad.doubleclick.net/jump/entzd.windowsfordevices/desktop;kw=msembedded;pos=top;dcopt=ist;zdid=a221772;tile=1;sz=150x30;ord=<script=JavaScript>document.write(Math.round(Math.random()10000000000));</script>?"" style="border-width:0px;height:150px;width:30px;"><img src="http://ad.doubleclick.net/ad/entzd.windowsfordevices/desktop;kw=msembedded;pos=top;dcopt=ist;zdid=a221772;tile=1;sz=150x30;ord=<script=JavaScript>document.write(Math.round(Math.random()10000000000));</script>?" style="border:0; height: 150; width:30;" /></a>		<a href="http://ad.doubleclick.net/jump/entzd.windowsfordevices/desktop;kw=trolltech;pos=top;dcopt=ist;zdid=a221772;tile=1;sz=150x30;ord=<script=JavaScript>document.write(Math.round(Math.random()10000000000));</script>?"" style="border-width:0px;height:150px;width:30px;"><img src="http://ad.doubleclick.net/ad/entzd.windowsfordevices/desktop;kw=trolltech;pos=top;dcopt=ist;zdid=a221772;tile=1;sz=150x30;ord=<script=JavaScript>document.write(Math.round(Math.random()10000000000));</script>?" style="border:0; height: 150; width:30;" /></a>

(Become a sponsor)

ADVERTISEMENT
(Advertise here)

HOT TOPICS • 2006 Windows Embedded retrospective
• Windows CE 6 Arrives
• Shared source contest winners
• Ultra Mobile PCs
• Spotlight on SPOT
• Embedding Windows is 4X cheaper than Linux
• CE "core" reduced to $3

...in our 2007
Windows Embedded Market Survey

Check out the latest Windows-powered...

mobile phones!

other cool
gadgets

REFERENCE GUIDES
• Windows Device Showcase
• Intro to Windows Embedded
• Intro to Shared Source
• Real-time Windows Embedded
• Windows Embedded books

BREAKING NEWS

• Windows XP leaps onto OLPC laptop
• "1-Watt" x86 processor powers pico-ITX board
• Webcast covers Windows Mobile development
• "Software-only" GPS supports WIndows
• Atom-based ECX board runs Windows
• $7 SoC runs Windows CE
• April XPe chat transcript available
• Little thin client runs Windows CE or XP Embedded
• Microsoft releases VS 2008, NET Framework 3.5 betas
• E-reader boasts 6-inch EPD display, Windows CE
• Thin clients bulk up on software
• Microsoft warns of Windows CE 5.0 security hole
• New COM design claims extra robustness
• Windows Mobile 6.1 phone has sportscar styling
• SDIO controller supports multiple memory cards

Join our Windows Embedded discussion forums:
• Windows XP Embedded
• Windows CE
• Windows Mobile

Windows Embedded developer newsgroups
• Windows CE
• XP Embedded
• PocketPC
• Smartphone

Microsoft's Windows Embedded resources
• Embedded dev center
• Mobile dev center
• Windows CE tutorials
• XP Embedded tutorials
• Windows Embedded seminars
• Windows Embedded application categories
• 3rd-party partners

Also visit our sister sites:

Sign up for WindowsForDevices.com's...

news feed

Use of this site is governed by our Terms of Service and Privacy Policy. Except where otherwise specified, the contents of this site are copyright © 1999-2008 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise is prohibited. Windows is a trademark or registered trademark of Microsoft Corporation in the United States and/or other countries and is used by WindowsForDevices under license from owner. All other marks are the property of their respective owners. WindowsForDevices is an independent publication not affiliated with Microsoft Corporation.