We received an interesting collection of Symbian malware samples last Friday (15th). The samples were sent from a large telecom operator. Our thanks to Dawid.
What was interesting about the collection? It contained 21 – corrected June 19th 10:30 – new Commwarrior variants, all of them detected with generic detection. The variants were created by editing text strings in Commwarrior.A and .B variants.
What makes this case interesting is that all of the samples were intercepted from the telecom operator's network, which means that Commwarrior is still quite prevalent and that some people are making a lot of variations. But ultimately they are just wasting their time as operators do just happen to care about what is going on within their networks, and all of the samples in the set were detected by the operator.
F-Secure Mobile Anti-Virus is able to detect all of the 21 – corrected June 19th 10:30 – new variants using generic detection. So the number of new variants is rather meaningless, but it is interesting to see that there seem to be many people with nothing better to do than to create new trivial variants of mobile malware.