Welcome | Sign In
LinuxInsider.com
Security

Brador Trojan Targets Microsoft Pocket PC Handhelds

Print Version
E-Mail Article
Reprints
Brador Trojan Targets Microsoft Pocket PC Handhelds

By Doug Maxwell
TechNewsWorld
Part of the ECT News Network
08/06/04 5:21 PM PT

Brador is created to allow the master full control over the infected Pocket PC PDA via the port that the Trojan opens. According to information received by the Kaspersky Virus Lab, Brador was probably written by a Russian virus coder. The Trojan was attached to an email with a Russian sender address and Russian text inside.


Increase Customer Sales with VerticalResponse Email Marketing! Quickly and easily send email newsletters, coupons & sales announcements to your customers – no technical expertise needed. Sign up for your Free Trial today and send 100 emails on us!

Kaspersky Labs has detected Backdoor.WinCE.Brador.a, the first backdoor Trojan for PDAs running under PocketPC, a Microsoft (Nasdaq: MSFT) handheld operating system originally known as Windows CE. Brador is a classic Trojan backdoor program: It opens the infected machine for remote administration.

After the backdoor is launched, it creates an svchost.exe file in the Windows autorun folder, thus maintaining full control over the system every time the handheld is turned on.

Brador then identifies the machine's IP address and sends it to the author, informing the author that the handheld is connected to the Internet and the backdoor is active. Finally, Brador opens port 2989 and awaits further commands.

Brador is created to allow the master full control over the infected PDA via the port that the Trojan opens. Brador is programmed to upload and download files and execute a series of further commands.

Brador Cannot Spread by Itself

Like all backdoors, Brador cannot spread by itself: It can only arrive as an e-mail attachment, be downloaded from the Internet or uploaded along with other data from a desktop.

"We were certain that a viable malicious program for PDAs would appear soon after the first proof of concept viruses emerged for mobile phones and Windows Mobile," commented Eugene Kaspersky, head of antivirus research at Kaspersky Labs. "WinCE.Brador.a is a full-scale malicious program ready to go: unlike proof of concept malware, Brador has a complete set of destructive functions typical for backdoors."

According to information received by the Kaspersky Virus Lab, Brador was probably written by a Russian virus coder. The Trojan was attached to an email with a Russian sender address and Russian text inside.

Brador Author

Interestingly enough, the author is offering to sell the client part for the Trojan to all interested parties, which means that there is a real chance that the backdoor might be bought by somebody who will use it commercially. Virus writers are turning professional with a vengeance.

"PDA users face a real danger and we can be sure that the computer underground will snatch at the chance to attack PDAs and mobile phones in the nearest future," added Kaspersky. "Malware development for mobiles is passing through the same stages as malware for desktops. We will probably see a serious outbreak of viruses for handhelds sometime soon."

Kaspersky Labs has already updated the antivirus databases with protection against Brador.

Print Version E-Mail Article Reprints More by Doug Maxwell

Talkback: Be the first to comment on this story.

More by Doug Maxwell

Windows XP Service Pack 2 Here at Last
August 07, 2004
During the worldwide rollout of Windows XP Service Pack 2, Microsoft plans to localize the software in 25 languages over the next two months and distribute it to computer manufacturers, enterprise customers and consumers through downloads, retail installation, free CDs and on new PCs. "Service Pack 2 is a significant step in delivering on our goal to help customers make their PCs better isolated and more resilient in the face of increasingly sophisticated attacks," said Bill Gates, chairman and chief software architect at Microsoft. 		Windows Users Eagerly Await XP Service Pack 2
August 06, 2004
The security-focused Windows XP Service Pack 2 (SP2) update for Microsoft's main operating system is now only days away, Microsoft's senior product manager Matt Pilla indicated this week. 		IBM Takes Open-Source Commitment to the Next Level
August 05, 2004
The timing of IBM's announcement about open-source patents is notable, said Steve Frank, a partner in the patent and intellectual property group of Boston-based law firm Testa Hurwitz & Thibeault. He said that technology companies are more protective of intellectual property concerns now than in the past.
Don't miss a story -- sign up for our FREE e-mail newsletters and view the latest headlines at a glance.
Tech News Flash [ View Sample ]
E-Commerce Minute [ View Sample ]
ECT News Network Weekly Newsletter [ View Sample ]
Shortcuts
> Get Business and Technology News Alerts
> Most Popular | Spotlight Features | Exclusives
> This Week on ECT News Network | Podcasts
> WiFi Hotspot Locator
> Inside LinuxInsider
LinuxInsider
E-Commerce Times
TechNewsWorld
MacNewsWorld
CRM Buyer
Today's LinuxInsider Sponsors
Avaya Aura™
Save up to 40% on calling costs with Avaya Aura™
Entrust Extended Validation SSL
Entrust EV SSL certificates -- "go green" for less. Now from only $199 per year.
Trend Micro Smart Protection Network(TM)
Lower your content security management costs by up to 40%.
ECT News Network Information
Reader Services
Corporate
ECT News Network
Terms of Service | Privacy Policy | How To Advertise
Copyright 1998-2009 ECT News Network, Inc. All Rights Reserved.