Threat Description

Trojan:W32/Romride.J

Details

Aliases: Trojan:W32/Romride.J
Category: Malware
Type: Trojan
Platform: W32

Summary



A trojan, or trojan horse, is a seemingly legitimate program which secretly performs other, usually malicious, functions. It is usually user-initiated and does not replicate.



Removal



CAUTION! This method will remove all data on the device, including calendar and phone numbers:

  • Power off the phone
  • Hold the following three buttons down - "answer call" + "*" + "3"
  • Keep holding down the buttons and power on the phone
  • Depending on the model, you will either get text that reads "formatting" or a start-up dialog that asks for the initial phone settings
  • Your phone is now formatted and can be used again

Prevention

Prevent future infections with F-Secure Mobile Anti-Virus



Technical Details



Trojan:SymbOS/Romride.J affects devices running the Symbian S60 operating system. It is distributed in a malicious SIS file and, when executed, installs components that cause the phone to 'crash', essentially rendering it useless.

Execution

On execution, Romride.J installs malfunctioning system component configurations. These components are designed to cause effects on the device, which may differ based on the version of ROM software installed. The message "Attack Successfully" is displayed, then the phone is immediately rebooted.

The effects produced by the system components are not seen, as Romride.J also installs a bootstrap component that reboots the phone every time it attempts to complete startup, leaving the phone in a continuous reboot loop.





