The Future of Mobile Malware – Digitally Signed by Symbian?

Author: Ryan Naraine
minute read

From ZDNet (Dancho Danchev)
Earlier this month, a mobile malware known as Sexy View or Sexy Space slipped through Symbian’s mobile code signing procedure, allowing it to act as a legitimate application with access to device critical functions such as access to the mobile network, and numerous other functions of the handset.
Upon notification, the Symbian Foundation quickly revoked the certificate used by the bogus Chinese company XinZhongLi TianJin Co. Ltd, however, due to the fact the revocation check is turned off by default, the effect of the revocation remains questionable. What are the chances that future malware authors could bypass the code signing procedure again?   Read the full story [zdnet.com]

From ZDNet (Dancho Danchev)

Earlier this month, a mobile malware known as Sexy View or Sexy Space slipped through Symbian’s mobile code signing procedure, allowing it to act as a legitimate application with access to device critical functions such as access to the mobile network, and numerous other functions of the handset.

Upon notification, the Symbian Foundation quickly revoked the certificate used by the bogus Chinese company XinZhongLi TianJin Co. Ltd, however, due to the fact the revocation check is turned off by default, the effect of the revocation remains questionable. What are the chances that future malware authors could bypass the code signing procedure again?   Read the full story [zdnet.com]

Suggested articles

Cybersecurity for your growing business
Cybersecurity for your growing business

Topics

Show all

Authors

Threatpost

InfoSec Insider

Infosec Insider Post

Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Content

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.