A new Trojan horse aimed at smart phones using the Symbian operating system is set to spoil the holiday season for uninformed wireless gamers.
The malware, MetalGear.a, which masquerades as a Symbian version of the Metal Gear Solid game, disables anti-virus programs and also installs a version of the Cabir worm identified earlier this year, according to SimWorks International, which issued an alert on Tuesday.
The Cabir worm, in turn, attempts to spread a second Trojan program, called SEXXXY, to nearby phones through the Bluetooth short-range wireless protocol.
"This is a new strand of smart phone malware because it actually consists of three pieces: two Trojans and a worm," said Aaron Davidson, chief executive officer of SimWorks. "It also shows how viruses writers are getting more sophisticated."
To infect their phones, users must open and install the fake Metal Gear game, according to Davidson. "There are plenty of Web sites offering cracked versions of games," he said. "These sites are used not only by people seeking free software but also by virus writers."
Similar to the Skulls trojan detected last month, the MetalGear Trojan uses the same icon-disabling technique to disable antivirus and other applications.
The Trojan also installs a version of the Cabir worm, which seeks to spread itself by sending a file called SEXXXY.sis to any Bluetooth-enabled phones in the vicinity, SimWork said. If users accept and install this file, it disables the Symbian application button on their phones.
In particular, if users install the MetalGear Trojan program, they will have difficulty repairing their phones because the program effectively disables all tools on the phone necessary to undo the damage, Davidson said.
The MetalGear and SEXXXY Trojan programs are included in a program, called Metal Gear.sis.
Anti-virus software from SimWorks has been updated to provide protection from both Trojan programs, Davidson said.
So far, Trojan horses, worms and viruses aimed at smart phones have failed to spread rampantly: Their propagation has been hindered by the need for users to accept and install programs.