F-Secure
Tools
Romride.J
| Name : | Romride.J |
| Category: | Trojan |
| Type: | Trojan |
| Platform: | SymbOS |
| Date of Discovery: | September 25, 2006 |
Summary
Romride.J is a malicious SIS trojan that installs malfunctioning system configuration components that cause different behavior depending on the ROM software version on the device.
In addition to the malfunctioning system configuration components, Romride.J installs a bootstrap component that always immediately restarts the device, leaving the phone in a loop, constantly restarting the phone.
In addition to the malfunctioning system configuration components, Romride.J installs a bootstrap component that always immediately restarts the device, leaving the phone in a loop, constantly restarting the phone.
Disinfection
Disinfection for the cases when phone cannot start up
CAUTION! this method will remove all data on the device including calendar and phone numbers:
• Power off the phone
• Hold the following three buttons down - "answer call" + "*" + "3"
• Keep holding down the buttons and power on the phone
• Depending on the model, you will either get text that reads "formatting" or a start-up dialog that asks for the initial phone settings
• Your phone is now formatted and can be used again
To prevent future infections, please download F-Secure Mobile Anti-Virus from here: http://f-secure.mobi.
Additional Details
Romride.J installs a bootstrap component that reboots the phone leaving the phone in a reboot loop. Romride.J shows message "Attack Successfully" and restarts the phone after finishing the install of the malware, making the phone useless immediately.
Detection
F-Secure Mobile Anti-Virus for Symbian detects this malware starting from the update build number 110.