Threat description


Category: Malware
Type: Trojan
Platform: W32
Date Discovered: September 25, 2006


Trojan:SymbOS/Romride.J affects devices running the Symbian S60 operating system. It is distributed in a malicious SIS file and when executed, installs components that cause the phone to 'crash', essentially becoming useless.


Automatic action

CAUTION! This method will remove all data on the device, including calendar and phone numbers:

  • Power off the phone
  • Hold the following three buttons down - "answer call" + "*" + "3"
  • Keep holding down the buttons and power on the phone
  • Depending on the model, you will either get text that reads "formatting" or a start-up dialog that asks for the initial phone settings
  • Your phone is now formatted and can be used again

Prevent future infections with F-Secure Mobile Security

Technical Details

On execution, Romride.J installs malfunctioning system component configurations. These components are designed to cause effects on the device, which may differ based on the version of ROM software installed. The message "Attack Successfully" is displayed, then the phone is immediately rebooted.

The effects produced by the system components are not seen, as Romride.J also installs a bootstrap component that reboots the phone every time it attempts to complete startup, leaving the phone in a continuous reboot loop.


Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Sample

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More