Redbrowser claims to send free SMS messages to fool the user into allowing the application permission to use Java SMS capabilities in phones that require permission from the user before sending SMS messages. This claim of free service is a form of social engineering. The social engineering texts used in Redbrowser.A are in Russian, which limits the trojan only to Russian speaking countries.
Redbrowser.A contains a fixed phone number to which it will send SMS messages. After Redbrowser.A has shown the social engineering texts it will send a SMS message to that number.
The message sending function of Redbrowser.A is in an infinite loop, so unless terminated by the user it will send a constant stream of messages. Each of those message will be charged to the user's account.First Redbrowser.A tells the user that its web browser uses SMS messages instead of a GPRS connection.
In the next step it asks the user to select an operator (service provider) to be used for browsing.
After that the user has options to either pass or exit. (See below.)
If the user choose the pass option then Redbrowser.A will start a continuous flood of SMS messages. Each message requires the users approval.