SymbOS/BkmarkDisabl.A!tr

Alias/esBkmarkDisabl.A (NetQin)
Release DateJul 13, 2010
Detection Availability
Active DatabaseExtended Database
FortiGatelowhigh
FortiClient
FortiMailN/A
Current Antivirus Definition Database Version: 12.308
Description

Visible Symptoms

  • Impossible to access web browser's bookmarks.
  • The following picture is available on the mobile in c:\system\data


Figure 1. Mobile phone infected by SymbOS/BkmarkDisabl.A!tr. The picture says "Xixi(laughter)... your bookmark is dead".

Detailed Analysis

SymbOS/BkmarkDisabl.A!tr affects mobile phones running Symbian OS 7 or 8. It usually poses as an MP3 tool, but instead only disables bookmarks on the mobile phone.


Technical Details


The malware installs the following files on the phone:
  • c:\system\data\11.amr
  • c:\system\data\11.jpg: corresponds to Figure 1
  • c:\system\data\bookmarks1.db: buggy/empty bookmark database which overwrites the mobile phone's bookmarks

Description Last Updated Date: Jul 26, 2010
Reference: ID - 1926474