F-Secure Trojan Information Pages : Cardtrap.Q
Cardtrap.Q is Symbian SIS file trojan that disables several Symbian built in applications, tries to damage some 3rd party applications and installs Windows worm to the memory card.
The files that Cardtrap.Q drops to the memory card, contain several references to F-Secure. F-Secure has nothing to do with creation of Cardtrap or any other malware
Disinfection with Anti-Virus - Download F-Secure Mobile Anti-Virus to your phone from http://www.f-secure.com/wireless/download/
- Install the Anti-Virus to your phone over USB cable
- Start and activate the Anti-Virus
- Scan your phone to remove infected files
- Use application manager to uninstall the file in which you installed Cardtrap.Q.
Spreading in “KingKong Game - CRACKED .sis” Installation to the phone
Cardtrap.Q tries to disable key system applications and 3rd party products by installing several damaged files to the phone memory
Cardtrap.Q tries to disable following system applications: - Application installer
- Application manager
- Browser
- Camera
- Notepad
- File manager
- Bluetooth manager
- MMS and SMS messaging inbox
Cardtrap.Q installs following Symbian malware: - SymbOS/Cabir.AB
- SymbOS/Lasco.A
F-Secure Mobile Anti-Virus is capable of detecting Cardtrap.Q with generic detection, so if phone has functional Anti-Virus installed the Cardtrap.Q is blocked before it can be installed.
Installation to the MMC card Cardtrap.Q installs Windows worm
to the phone MMC card. Worm is installed with filename, icon and shortcut link, that try to fool user into clicking them.
F-Secure Mobile Anti-Virus for Symbian detects this malware starting from the update build number 58.
Write-up: Mika Tolvanen
Technical Details: Mika Tolvanen, January 25, 2006
Description Updated: Mika Tolvanen, January 25, 2006
F-Secure Corporation
|
![](/images/pixel.gif"){kind=tracking}
