CardTrap.AL is a trojan targeting Pre-Symbian9 UIQ devices.

CardTrap.AL overwrites system files in UIQ system preventing the device from booting up on next reboot. In addition to disabling the device CardTrap.AL also carries Net-Worm.Win32.Padobot.z and Email-Worm.Win32.Rays windows malware as a payload. The windows malware here are however a marginal threat since they are written during the install process to the D: drive of the device. D: drive is the ram-drive in the device that is cleared on reboot.

CardTrap.AL writes the following files into device:

• d:SYSTEM.exe
• d:autorun.inf
• d:fsb.exe
• d:uburuz.ICO
• c:systemdataSysFnt.ini
• c:systemfontsFreeType.dll
• c:systemfontsMusiSync.ttf
• !:info.txt.txt

Last update 21 September 2007

 

TOP