Home / malware Trojan:SymbOS/Bootton.A
First posted on 15 July 2010.
Source: SecurityHomeAliases :
There are no other names known for Trojan:SymbOS/Bootton.A.
Explanation :
Also known as a trojan horse program, this is a deceptive program that performs additional actions without the user's knowledge or permission. It does not replicate.
Additional DetailsBootton.A is a trojan distributed by Trojan:SymbOS/Onehop.A over Bluetooth as a malicious SIS file named 'ILoveU.sis'.
Bootton.A is structurally quite similar to Trojan:SymbOS/Skulls. It replaces built in and third party applications with component that causes device to reboot when executed.
Bootton.A also installs the modified Cabir that SymbOS/Onehop.A uses to distribute Bootton.A. Fortunately, it does not function as intended.
Execution
On installation, Bootton.A installs small component that resets the device if executed, this component is installed into locations where it replaces system and third party applications.
Bootton.A disables most of critical system functions and third party file managers. It also uses an application that causes device to reboot. If a device is infected with Bootton.A, pressing the menu button or any system application button will immediately reboot the device.
Only making and answering calls on the phone works. Other functions that need some system application such as SMS and MMS messaging, web browsing and using camera no longer work.Even if the device wouldn't immediately reboot, it is still unusable before it is disinfected.
Like Skulls.A, Bootton.A replaces the application icons with its own icon, which is a heart icon with the text "I-Love-U"
Bootton.A also installs the modified Cabir that SymbOS/Onehop.A uses to distribute Bootton.A. Fortunately, it does not function as intended.
The modified Cabir file installed by Bootton does not get executed automatically, and even if started by user, it is unable to send anything as the file it is trying to send does not exist on the system.Last update 15 July 2010
