HackerTool/Hahafon

Release DateJul 15, 2010
Detection Availability
Active DatabaseExtended Database
FortiGatelowhigh
FortiClient
FortiMailN/A
Current Antivirus Definition Database Version: 12.308
Description

Visible Symptoms

Abnormally high bill due to SMS sending

Detailed Analysis

Like HackerTool/FullBox, HackerTool/Hahafon is a Java ME midlet which helps an end-user send SMS messages under a fake identity. The end-user specifies an SMS text, the recipient's phone number and the name or phone number the message should appear to come from. The SMS message is not directly sent to the recipient. Instead, it is forwarded to the (non-free) short number 1051.
The midlet runs on any phone supporting Java.



Technical Details


A typical splash screen of the midlet is shown at Figure 1.

Figure 1. HackerTool/Hahafon splash screen
HackerTool/Hahafon offers a wide variety of SMS templates to send to friends. The end-user selects the template to send among categories such as Joke or Love SMS.
Figure 2. Main menu of the hacker tool (in Russian)
The list of SMS templates may be updated if the end-user requests it. In this case, an up-to-date template is downloaded from hxxp://hahafon.ru/mobile/hah.dat
Description Last Updated Date: Jul 26, 2010
Reference: ID - 1937626