Threat description




Trojan:SymbOS/Singlejump is a family of trojans that infect devices running the Symbian operating system. On execution, variants in the family replace built-in and third party applications on the device with components that reset the phone if launched.


Disinfection with two Series 60 phones

Download F-Skulls tool onto a PC or directly onto a phone:

  • 1. Install F-Skulls.sis into infected phones memory card with a clean phone
  • 2. Put the memory card with F-Skulls into infected phone
  • 3. Start up the infected phone. The application menu should work now
  • 4. Press menu button until you get Symbian process menu, look for any applications with strange icons. Kill the application processes with 'C' button.
  • 5. Go to application manager and uninstall the SIS file in which you installed the Singlejump variant
  • 6. Download F-Secure Mobile Security and activate it
  • 7. Scan the phone and remove any remaining components of Singlejump
  • 8. Remove the F-Skulls with application manager as the phone is now cleaned

Technical Details


Singlejump variants also use variants from the Bluetooth-Worm:SymbOS/Cabir family to distribute other trojans to new victim devices. The Cabir worm is started automatically when the malware is first installed; if the device is rebooted, the Cabir worm will simply start again.

Instead of sending a copy of itself, the Cabir variant loads the SIS file installed by Singlejump and sends it to the first phone it finds within Bluetooth range.

In most cases, these trojans doesn't send themselves further than a single new victim, so its quite obvious how this malware got its name.

Submit a Sample

Suspect a file or URL was wrongly detected? Send it to our Labs for further analysis

Submit a Sample

Protect your life on every device

F-Secure SAFE looks out for you and the people close to you, on every device

More Info