Home / malware Dialer:WinCE/Terdial.A
First posted on 26 April 2010.
Source: SecurityHomeAliases :
Dialer:WinCE/Terdial.A is also known as TR/WinCE.Terdial.A.1 (Avira), WinCE/Terdial.A (ESET), Trojan.WinCE.Terdial.a (Kaspersky), Trojan.WinCE.B (Norman), Troj/Terdial-A (Sophos), TROJ_TERDIAL.A (Trend Micro), 3D Anti-Terrorist action trojan (other).
Explanation :
Dialer:WinCE/Terdial.A is a dialer trojan that makes outbound calls to a premium rate phone number. This action results in unexpected and often large telephone charges on affected users€™ phone bills. InstallationIn the wild, this trojan has been seen to be packaged with a third party application named "3D Anti-Terrorist action" in files named "antiterrorist3d.cab" and "codecpack.cab". This trojan runs on Windows Mobile 6.5 devices. The trojan may be present as the following on an affected device: \Windows\smart32.exe When installed, the trojan attempts to dial the following international toll numbers at random intervals every 0 to 3 days:+8823460777 +17675033611 +88213213214 +25240221601 +2392283261 +881842011123
Analysis by Tim LiuLast update 26 April 2010
