Spy/Sensyscan!SymbOS - Released Jul 08, 2010 - Last Updated Jul 13, 2010
|
Detection Availability
|
Visible Symptoms
- Applications complain the camera is used by another application
- Abnormally high bill due to SMS/MMS/e-mail sending
- Battery loss due to intensive camera usage
|
Detailed AnalysisSpy/Sensyscan!SymbOS is a spyware for Symbian OS. Like Spy/PhotoSpy!SymbOS, it turns the phone into a camera surveillance device. When motion is detected, the phone automatically takes a picture and stores it on the phone (or memory card).
The spyware can be configured to send SMS, MMS or email to a configurable phone number when motion is detected.
This spyware's behaviour is borderline. There may be situations for which the application is legit, but, on the other hand, if installed without user's consent, it obviously threatens privacy, so end-users or systems administrators may want to ban it from their phone/networks.
Technical Details
The version for Symbian OS 7 and 8 installs the following files:
- c:\system\sensy\comhlp.txt
- !:\system\help\sensyscan.hlp: help file
- !:\system\apps\sensy\sensy.mbm
- !:\system\apps\sensy\sensy.aif
- !:\system\apps\sensy\sensy.rsc
- !:\system\apps\sensy\sensy.app: main application.
- license0.txt
On Symbian OS 9, the installed files are similar:
- !:\sys\bin\Sensy_SelfCert.exe: main application
- !:\resource\apps\Sensy_SelfCert.rSC
- C:\System\Sensy\splash\sensy.mbm
- !:\resource\apps\sensy.mif
- !:\resource\apps\Sensy_SelfCert_loc.rSC
- !:\private\10003a3f\import\apps\Sensy_SelfCert_reg.rSC
- !:\resource\help\SensyScan.hlp
- C:\system\Sensy\ComHlp.txt
- !:\private\A0004898\backup_registration.xml
|
Recommended ActionFortiGate Systems
- Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
FortiClient Systems
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
|
