- Threat Encyclopedia
- Malware
- J2ME_FAKEBROWS.A
Windows Mobile, Symbian OS
This malware uses social engineering methods to lure users into performing certain actions that may, directly or indirectly, cause malicious routines to be performed. Specifically, it disguises as a mobile web browser Opera Mini. Once the user agreed with the services of the fake browser, it sends SMS messages to premium numbers.
To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below.
This application disguises itself as the mobile web browser, Opera Mini.
While running, it checks if the mobile phone uses any of the specific service centers.
If it uses any of these, it proceeds to sending SMS to a number encoded in data.res.
It sends the message “424626 357 OX” to specific premium numbers via SMS.
This Trojan may be unknowingly downloaded by a user while visiting malicious websites. It may be manually installed by a user.
It bears the file icons of certain applications to avoid easy detection and consequent removal.
Arrival Details
This Trojan may be unknowingly downloaded by a user while visiting malicious websites.
It may be manually installed by a user.
Installation
This Trojan bears the file icons of the following applications:
NOTES:
This application disguises itself as the mobile web browser, Opera Mini.
While running, it checks if the mobile phone uses any of the following service centers:
If it uses one of the above, it proceeds to sending SMS to a number encoded in data.res.
It sends the message “424626 357 OX” to the following premium numbers via SMS:
It affects the following mobile devices that support MIDlets:
Step 1
For Windows XP and Windows Server 2003 users, before doing any scans, please make sure you disable System Restore to allow full scanning of your computer.
Step 2
Scan your computer with your Trend Micro product to delete files detected as J2ME_FAKEBROWS.A. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check this Knowledge Base page for more information.
Step 3
Trend Micro Mobile Security Solution
Trend Micro Mobile Security Personal Edition protects Android smartphones and tablets from malicious and Trojanized applications. The App Scanner is free and detects malicious and Trojanized apps as they are downloaded, while SmartSurfing blocks malicious websites using your device's Android browser.
Download and install the Trend Micro Mobile Security App via Google Play.