Flexispy.A
| Name : | Flexispy.A |
| Category: | Malware |
| Type: | Trojan-Spy |
| Platform: | SymbOS |
Summary
FlexiSPY is a spyphone application.
There are newer versions of FlexiSPY than the variant described here. Current versions exhibit different behavior and are not classified as malware.
There are newer versions of FlexiSPY than the variant described here. Current versions exhibit different behavior and are not classified as malware.
Disinfection
Removal using F-Secure Mobile Anti-Virus
If you feel you want to remove Flexispy from your device, you can do that by doing the following:
If you feel you want to remove Flexispy from your device, you can do that by doing the following:
• Download F-Secure Mobile Anti-Virus from http://phoneav.com and activate the Anti-Virus
• Scan the phone and remove any components of the malware
• Reboot the phone to remove memory resident components
• Go to application manager and remove the "phones" application to remove any remaining components
Additional Details
Installation
Flexispy.A is installed in a standard SIS package and when installed the application uses the name "phones". It does not give any indication as to what is being installed.
After installation the application will immediately go into hiding and locks its files so that the application uninstaller cannot remove it.
User Interface
The user interface of Flexispy.A is only accessible by entering a special code in the phone number field.
In the user interface, the attacker can control when the spying application reports and what information is recorded.
Recording the Victim's Communication
Flexispy.A records both voice call and SMS information and sends the details to the FlexiSpy server. From there the information can be accessed through a web browser.
Recording Voice Calls
Flexispy.A records the following details from the victim's voice calls:
Recording SMS
Flexispy.A records the following details from the victim's SMS message traffic:
.gif)
Flexispy.A is installed in a standard SIS package and when installed the application uses the name "phones". It does not give any indication as to what is being installed.
After installation the application will immediately go into hiding and locks its files so that the application uninstaller cannot remove it.
User Interface
The user interface of Flexispy.A is only accessible by entering a special code in the phone number field.
In the user interface, the attacker can control when the spying application reports and what information is recorded.
Recording the Victim's Communication
Flexispy.A records both voice call and SMS information and sends the details to the FlexiSpy server. From there the information can be accessed through a web browser.
Recording Voice Calls
Flexispy.A records the following details from the victim's voice calls:
• IMEI
• Client time
• Server time
• Direction
• Duration
• Phone number
• Contact name in the victim's phonebook
Recording SMS
Flexispy.A records the following details from the victim's SMS message traffic:
• IMEI
• Client time
• Server time
• Direction
• Duration
• Phone number
• Contact name in the victim's phonebook
• Contents of SMS messages
Detection
F-Secure Anti-Virus detects this malware with the following updates:
[FSAV_Database_Version]
Version = 2006-03-29_02.
F-Secure Mobile Anti-Virus for Symbian detects this malware starting from the update build number 81.