Mosquito Trojan Bites Developer Back

The saga of the first Trojan Horse for Symbian smartphones took a twist worthy of Homer’s epic poem the Iliad today, as it has become apparent that the perpetrator was the developer of the infected game itself, Ojum Software.

According to anti-virus company F-Secure, Ojum placed the Trojan in the game Mosquito as a clever form of copy protection. So if a ”cracked” or illegal version of the game was developed or Mosquito was played on an unregistered smartphone, the Trojan dialed a specific number silently in the background, sending an SMS message notifying Ojum.

While the Trojan dialer worked as planned, as a cracked version of the game sent SMS messages to the company, it backfired too, as it appears a number of legitimate users were affected. Since Ojum picked a premium number for its Trojan to dial, even some of its customers ended up with large fees.

As a result of this fiasco, Ojum terminated the premium rate contract for the phone number the Trojan dialed. So even though old versions of the game still send hidden SMS messages, it only costs the nominal fee of sending the message itself.

Ojum also released a new version of the game that no longer contained this hidden function. Cracked versions of Mosquito that send hidden SMS messages, however, still float around on peer-to-peer networks. You can identify the SMS sending version of Mosquito by the following message: This version has been cracked by Soddom Bin Loader.

A Brief History of Handheld Viruses.

It has only been the last couple of months that anti-virus companies uncovered handheld viruses. The first two, one for Symbian smartphones and the other for Pocket PC PDAs and phones, were from members of 29a, an international group of programmers that specialize in proof-of-concept viruses.

So EPOC.Cabir and WinCE.Dust were developed not to create havoc but to prove that malicious code for handhelds could be generated.

Last week, however, anti-virus firms discovered the first ”wild” handheld malware. Unsuspecting Pocket PC users received the Trojan Horse Bardor as a disguised e-mail attachment. For those who launched the attachment, it allowed the creator of the Trojan to control the Pocket PC and all the data on it the next time users connected to the Internet.

Less than a week after Bardor attacked Pocket PCs, the Mosquito game Trojan dialer appeared.

Members of the staff worked on this story. This article was first published on

Top Products

Related articles