Threat Description

Trojan:​SymbOS/CDropper

Details

Aliases: Trojan:​SymbOS/CDropper, SymbOS/Cdropper
Category: Malware
Type: Trojan
Platform: SymbOS

Summary



A trojan, or trojan horse, is a seemingly legitimate program which secretly performs other, usually malicious, functions. It is usually user-initiated and does not replicate.



Removal



Automatic Disinfection

F-Secure Mobile Anti-Virus will detect the installed Cabir variants and delete the worm components. After deleting worm files you can use application manager to uninstall the SIS file that dropped the worm.

If your phone is infected with Cabir variant and you cannot install files over Bluetooth, you can download F-Secure Mobile Anti-Virus directly to your phone

  • Open web browser on the phone
  • Go to http://mobile.f-secure.com
  • Select link "Download F-Secure Mobile Anti-Virus" and select phone model
  • Download the file and select open after download
  • Install F-Secure Mobile Anti-Virus Go to applications menu and start Anti-Virus
  • Scan all files


Technical Details



This description is for the Trojan:SymbOS/CDropper malware family, which contains numerous variants. Trojan:SymbOS/CDropper functions, as its name suggests, as a dropper. On arriving on a new system, it installs Cabir variant(s) into several places in the device file system.

Some of the installed Cabirs will replace system or common third party applications. If the user has one of these applications installed, it will be replaced with Cabir and its icon in the menu will go blank.If the user clicks on one of the replaced icons in the menu, the Cabir executable will execute and try to spread to other devices.

For more details, see Trojan:SymbOS/CDropper.A






SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Keep your mobile device protected

F-Secure Mobile Security will keep your mobile device protected on the go and enable you to find it in case you lose it

Learn More