Some security vendors have issued alerts for Symbos_Locknut.A, Symbian malware that can infect mobile devices running Symbian OS v7.0s but does not propagate. It uses a vulnerability in Symbian OS v7.0s and causes a system process crash to lock the mobile device.
Upon installation, this malware drops several files and folders in the C: directory of the phone. These files are specially crafted in such a way that most of the special buttons of the phone are disabled. As of this writing, samples of this malware leave only the keypad buttons enabled.
It can also infect mobile devices running Symbian OS v6.1 and v7.0 but fails to cause the system to crash.
Technical details can be found at Trend Micro page.
According to Panda Software, which also issued an alert, Locknut.A is a Trojan that only affects cellular phones that use the operating system Symbian 7.0S or later.
Locknut.A passes itself off as a patch for the cellphone, thus attempting to trick the user into running it. Once it is run, Locknut.A replaces the operating system components, which prevents some applications from being run. As a result, the cellphone blocks.
Some variants of this Trojan install a copy of a Symbian worm, detected as SymbOS/Cabir.A.worm.
Keep in mind that Locknut.A needs the user intervention in order to be run on the cellphone, according to the vendor. Before the malicious file is installed, the user receives a security warning.
Technical details can be found at this Panda Software page.
2/2: Symbos_Locknut-A Hits Symbian Devices
