NT fortifying against SMS virus
KATHMANDU: Nepal Telecom — through its new virus detection procedure — till date has detected around 27,000 cases of SymbOS.Hatihati.A, an SMS virus.
‘SymbOS.Hatihati.A’ is a Trojan horse that runs on the Symbian OS. It is a pirated version of the anti-theft software Guardian v0.95 that contains a bad configuration file. This virus resides in Mobile Memory and tries to send SMS automatically to pre-defined numbers like +3396003964. HatiHati.A is a worm-like application that spreads via Mobile Memory Cards. Once the worm copies itself to a new device, it starts sending a very large number of SMS messages to a pre-defined number. The pre-defined number is inherent with the Hatihati.A malware and will not be picked from the contact list.
“Under this system we are doing manual work such as listing the virus infected mobile numbers and sending messages to these mobile numbers so that the users can disinfect their mobile. Till date, we have listed 27,000 mobiles infected by virus,” said Anil Joshi, deputy manager at Nepal Telecom. According to Joshi, common symptoms of Hatihati.A malware infection are:
1. A Hatihati.A malware icon in the applications folder of the phone when the phone is rebooted without the SIM card
2. Unrecognised texted numbers on your cell phone logs
3. Difficulty in sending SMS due to continuous sending by the said malware
4. Abnormally fast depletion of battery charge/power.
The virus spreads if an infected MMC is inserted. Sharing of MMC in phones also can spread the Hatihati.A malware. Downloading free mobile applications via trusted WAP sites will not induct the malware nor will sharing or transfer of SIM from one mobile phone to another. It also cannot spread via Bluetooth or Infrared.
Mobile units that are prone to Hatihati.A malware are those high-end ones with Symbian Operating System (OS). These are prone to infection from Hatihati.A malware. Different brands, units, and models can get infected regardless of the mobile service provider. According to NT, commonly infected phones include N70, N73, N80 and Nokia 6680. A soft format procedure cleans the phone memory only, while SMS, contacts and other features will still be intact.
One can check if one’s phone is vulnerable to the malware through http://www.s60.com/life/s60phones/browseDevices.do, according to NT.