We received the sample set of the 52 files that were claimed to be new Symbian trojans.

And we confirm that, yes the files are malicious. After brief examination it seems that the trojans are variants of Skulls trojan, modifications based on Skulls.D.

The trojans in the set are very similar to each other, basically they have been created by inserting malicious SIS file into pirated copies downloaded from the net.

So even as there are large number of infected files, the actual number of new trojans is quite low. We estimate that after analysis the files will fall under 2-3 variant letters.

So what we have here is large collection of minor variants of same trojan, or collection of files that have been manually infected by a trojan. A thing that we have already seen on earlier skulls variants. But not on this scale.

And the good news is that the generic detection in F-Secure Mobile Anti-Virus is already capable of detecting all samples without any need for database updates.

None of the trojans in the set have been seen in the wild, and most likely will not get in the wild either. So the case is interesting from academical point of view, but not a real threat to the users.

We will do some statistics on the trojans, and add descriptions about the new variants early next week.