Home / malware Trojan:Java/SMSer.W
First posted on 08 November 2011.
Source: SecurityHomeAliases :
There are no other names known for Trojan:Java/SMSer.W.
Explanation :
Trojan:Java/SMSer.W is a trojan that affects mobile devices using Java Platform, Micro Edition, using the application name 'Jimm'.
Top
Trojan:Java/SMSer.W is a trojan that affects mobile devices using Java Platform, Micro Edition, using the application name 'Jimm'.
It is used to trick users into downloading potentially malicious mobile applications on to the device, and may appear as the following:
Commonly, the scams it has been observed using are:
- Offering the user an application to configure the display quality of the phone
- Offering access to archives of music and ringtones
Upon execution, it asks the user to confirm acceptance of the application.
'Confirm acceptance of the rules download Jimm. To continue the download button below.'
The trojan will continue to ask the user about product offerings.
When the affected user presses "Yes" to any to confirm any of the prompts, the malware silently sends an SMS to a premium number without informing the user.
Below is a series of prompts displayed by the trojan:
'Do you want to access the archive of ringtones?'
'Do you want to access the archive of music?'
'Completed
If the message does not come - you can download Jimm at mxmoby.ru/<removed>/1s9sX, or click Next to automatically download the file'
Analysis by Zarestel Ferrer
Last update 08 November 2011
