F-Secure Trojan Information Pages : Romride.D
Romride.D is a malicious SIS trojan that installs malfunctioning system configuration components that cause different behaviour depending on the ROM software version on the device. Different effects witnessed range from start up failure to no apparent effect on the device at all. During install of the malicious software Romride.D shows a Nokia logo and plays an audio file that contains laughter. After installing Romride.D the phone restarts automatically.
Disinfection for the cases when phone cannot start up
CAUTION! this method will remove all data on the device including calendar and phone numbers: - Power off the phone
- Hold the following three buttons down - "answer call" + "*" + "3"
- Keep holding down the buttons and power on the phone
- Depending on the model, you will either get text that reads "formatting" or a start-up dialog that asks for the initial phone settings
- Your phone is now formatted and can be used again
For a detailed description, please see the description for SymbOS/Romride.A.
F-Secure Mobile Anti-Virus for Symbian detects this malware starting from the update build number 95.
Write-up: Juha-Pekka Heikkilä, June 1, 2006
Technical Details: Juha-Pekka Heikkilä, June 1, 2006
F-Secure Corporation
|
