Looks like somebody finally made a malicious trojan for cellphones—specifically phones running Symbian. Called the 'SymbOS/Skulls' trojan, it is often advertised as an 'Extended Theme Manager' by 'Tee-222.' If you install the program, your phone will often stop booting up and when it does, most of your program icons are swapped with skills (I suspect the Animated Skeleton Community United Liberation League, "We Make No Bones About Freedom").

Fortunately, it doesn't propagate through Bluetooth, just gullibility, so if just be aware of untrusted sources and you should be okay



Source from

http://www.gizmodo.com/index.php


and

http://www.antivirus-online.de/english/feedfsecure.php


and here is one infected

http://www.gizmodo.com/gadgets/images/skull_trojan.jpg

I haven't heard of this virus before(do you know where can i found cause it sounds fun as it doesn't do any damage.) but i have heard and i had been infected by a virus called cabir
Cabir info:this virus is like an application(it asks you if you want to install cabir app so curiosity could do you some damage in this case :mad: ).When installed, this application is automatically executed(ran) and it starts when you turn your mobile phone on..This virus also propagates via bluetooth :eek: .When this appl is started your phone automatically opens bluetooth(but if you check bluetooth you may notice that bluetooth is closed) and starts sending the sis file to all bluetooth active users..The problem is that it keeps sending this many times(even if the user accepts to receive the virus) and as a result it consumes your battery :mad: ..
If anyone has been infected and needs more info plz tell me because this virus is very famous here in greece and there are many ways to stop or uninstall this virus :cool:
P.S:the virus is installed in nokia's security files so if you don't have a file manager there is no f** way you're going to delete this file :eek: ..Even if you delete the sis file the virus is still there..(For more info post reply) ;)

so how did u solve the problem ?
did u install an anti-virus ?
and if we format the phone can this kill the virus ?
thanx
BR

First of all for more info you can go to http://www.disklabs.com/nz/cabir.asp

Ok there are 2 ways to restrict caribe(or cabir) virii.
1)If you just want to stop it from running in the backround then you keep pressed the menu btn until it shows you what applications are running in the background..then you will see the phone app and an app called carib.then you press c and it will show you a msg telling you:close carib?you press yes and carib is stopped from propagating an consuming your battery..But this will only last as long as you have your phone on..If you switch off or reboot your phone the virii will start again.. :confused: so we look the 2 way
2)if you have a file manager on your phone you can find the file caribe i think(or cabir if caribe doesn't exist) in the system files of your phone and delete it but i am not sure if this could cause any damage to your nokia security files because i downloaded an anti virus for this(and that's what i recommend you to do if you have the same prob).if anyone has been infected plz inform me so i can send the removal appl..(cause i have it in a disk and i can't find it right now to attach it)...I hope i helped! :rolleyes:

Thnx a lot for warning us,u are a good man, pal! i guess you can upload it to a website and give link here, else I will be glad if you send me by email, so that I can do that for you.. mealos_culpa@hotmail.com

you're welcome mealos..when i find the disk i have the antivirus i will attach it and i will send it to you too :)
I just wanted to inform you people because if you get infected and don't have an antivirus(i'm not sure if the file manager option will work :rolleyes: )the only way to uninstall it is by upgrading your phone..this is free for the 1 year you have your nokia(guarantee) otherwise you have to pay..
Just keep your eyes open!This virus was manufactured in June and nowadays many people have been infected here in Greece!Greetings pal ;)

Looks like somebody finally made a malicious trojan for cellphones—specifically phones running Symbian. Called the 'SymbOS/Skulls' trojan, it is often advertised as an 'Extended Theme Manager' by 'Tee-222.' If you install the program, your phone will often stop booting up and when it does, most of your program icons are swapped with skills (I suspect the Animated Skeleton Community United Liberation League, "We Make No Bones About Freedom").

Fortunately, it doesn't propagate through Bluetooth, just gullibility, so if just be aware of untrusted sources and you should be okay



Source from

http://www.gizmodo.com/index.php


and

http://www.antivirus-online.de/english/feedfsecure.php


and here is one infected

http://www.gizmodo.com/gadgets/images/skull_trojan.jpg

Thanks a lot for the warning! You are great help man.

WBR

thanks man because u give us the warning we will becareful

anyone knows(or can attach it)where can i download the new virus(not the cabir)?I mean the virus with the skulls..This will be used for educational purposes only(promise!)And any info about the antivirus..I'm a programmer and i am interested in symbian applications etc so i need that virus...Please help me and don't get wrong of me and think that i am a virus maker :( ..thanks in advance ;)

anyone knows(or can attach it)where can i download the new virus(not the cabir)?I mean the virus with the skulls..This will be used for educational purposes only(promise!)And any info about the antivirus..I'm a programmer and i am interested in symbian applications etc so i need that virus...Please help me and don't get wrong of me and think that i am a virus maker :( ..thanks in advance ;)

As You Said u need virusesfor educational purpose so far by rulse and trust only for education i am giving it to you and others bcause v r virus creating group v r working for mobile antivirus companys ve create v destroy

Nice man ;) I hope the moderators wont erase it

hey wow u have skull man..gr8
cud i have caribe..<<< not the original caribe...but its variant any of the cariba .A or .B or .C or may be all of them..
again they are for educational purposes only..just want to study them..



P.s:- sounds gr8 ... study them right??

And What This Virus Can Do ?

Formating Phone, Crash Phone Or What?

Does anyone have Gavno? Usual names: patch.sis, patch_v2.sis. Need for study.

Source: Simworks

An antivirus for metal gear.a would be somewhere, because the Simwors anti-virus wants from me a key

interesting

any one know where to get hack trojan???????? and anti virus for this this virus

Thanks for the info bro!!!!

interesting
hack trojan????????
What do you mean :confused: :confused: :confused:
It's like asking:does anyone knows where can i find a virus?What cellphone virus are you looking for?

just rename from .zip.rar to .zip !!

And What This Virus Can Do ?

Formating Phone, Crash Phone Or What?
By default, the Trojan has the file name Flash_1[1].1_Full_DotSiS.sis.

When SymbOS.Skulls.D is executed, it performs the following actions:


Installs the following files, causing many system applications and third-party applications to function incorrectly:


C:\nokia\images\nokias\malaysia\johor\pj\pj\pj\jb\ jb\jb\imos\yuan\yuan\yuanyuan\blue\a-team\terence\ownpda\fuyuan.gif
E:\System\Apps\UltraMP3\UltraMP3.app
E:\System\Apps\SystemExplorer\SystemExplorer.app
E:\System\Apps\smartmovie\smartmovie.APP
E:\System\Apps\SmartFileMan\SmartFileMan.app
C:\System\Apps\pjBLUE\pjBLUE_CAPTION.rsC
C:\System\Apps\pjBLUE\pjBLUE.APP
C:\System\Apps\pjBLUE\pjBLUE.aif
C:\System\Apps\nokiafile\nokiafile_caption.rsc
C:\System\Apps\nokiafile\nokiafile.rsc
C:\System\Apps\nokiafile\nokiafile.app
C:\System\Apps\nokiafile\nokiafile.aif
C:\System\Apps\nokiafile\img.mbm
C:\System\Apps\nokiafile\data.cfg
C:\System\Apps\nokiaapps\nokiaapps_CAPTION.rsC
C:\System\Apps\nokiaapps\nokiaapps.app
E:\System\Apps\freakbtui\freakbtui.app
E:\System\Apps\freakappctrl\freakappctrl.app
E:\System\Apps\file\file.app
E:\System\Apps\FExplorer\FExplorer.app
E:\System\Apps\efileman\efileman.app
C:\System\Apps\data\data_CAPTION.rsC
C:\System\Apps\data\data.app
C:\System\Apps\bootdata\bootdata_CAPTION.rsC
C:\System\Apps\bootdata\bootdata.app
C:\System\Apps\Anti-Virus\Anti-Virus.app
C:\System\RECOGS\YYSBootRec.mdl


Installs SymbOS.Cabir.M as the following files:


C:\System\MALAYSIAJOHOR--jb\yuanV3-diy-by-7022207\free$8.RSC
C:\System\MALAYSIAJOHOR--jb\yuanV3-diy-by-7022207\free$8.APP
C:\System\RECOGS\$$$.MDL

And What This Virus Can Do ?

Formating Phone, Crash Phone Or What?
SymbOS.Lasco.A is transmitted through Bluetooth as a .sis file.

When the worm arrives on a target device the following may happen:


The device displays a message similar to the following, asking the user to accept a message from a particular device:

Receive message via Bluetooth from [device name]?


The user will be notified that they have received a new message.


The user will be prompted with a message similar to the following:

Application is untrusted and may have problems. Install only if you trust provider.


If the user chooses Yes, the user will be prompted to install the worm.

Install Velasco?


The worm creates the following files on the phone:


\SYSTEM\APPS\VELASCO\VELASCO.APP
\SYSTEM\APPS\VELASCO\VELASCO.RSC
\SYSTEM\APPS\VELASCO\MARCOS.MDL
C:\SYSTEM\SYMBIANSECUREDATA\VELASCO\VELASCO.APP
C:\SYSTEM\SYMBIANSECUREDATA\VELASCO\VELASCO.RSC
C:\SYSTEM\SYMBIANSECUREDATA\VELASCO\VELASCO.SIS
C:\SYSTEM\RECOGS\MARCOS.MDL
C:\SYSTEM\INSTALLS\VELASCO.SIS


The worm attempts to send itself to other Bluetooth-enabled devices it finds, regardless of the type of device.


The worm searches the device for all .sis files and appends itself to those files. When an infected .SIS file is installed, the worm will automatically install along with the original application.


The worm executes every time the device is turned on.

any type of carib can be solved by flashing the phone all full factory reset for nokia
*#7370#
boldlink2

nice work man
b r
iyass

good work man :eek:

And What This Virus Can Do ?

Formating Phone, Crash Phone Or What?
To remove SymbOS.Skulls.D:


Install a file manager program on the phone.
Enable the option to view the files in the system directory.
Delete the malicious .AIF files.
Delete SymbOS.Cabir.M by deleting the following files:


C:\System\MALAYSIAJOHOR--jb\yuanV3-diy-by-7022207\free$8.RSC
C:\System\MALAYSIAJOHOR--jb\yuanV3-diy-by-7022207\free$8.APP
C:\System\RECOGS\$$$.MDL


Use the application manager and uninstall Flash_1[1].1_Full_DotSiS.sis.

And What This Virus Can Do ?

Formating Phone, Crash Phone Or What?
To remove SymbOS.Lasco.A:


Install a file manager program on the phone.
Enable the option to view the files in the system directory.
Search the drives, A through Y, for the \SYSTEM\APPS\VELASCO directory.
Delete the files VELASCO.APP, VELASCO.RSC, and MARCOS.MDL from the \SYSTEM\APPS\VELASCO directory.
Go to the C:\SYSTEM\SYMBIANSECUREDATA\VELASCO directory.
Delete the files VELASCO.APP, VELASCO.RSC, and VELASCO.SIS.
Go to the C:\SYSTEM\RECOGS directory.
Delete the file, MARCOS.MDL.
Go to the C:\SYSTEM\INSTALLS directory.
Delete the file, VELASCO.SIS.

how to del
pls help me

pls help.. my 6600 has been infected with the virus comm warrior.. then i manually remove the comm warrior virus but when i open the application manager, it wont open it says "appmngr closed.." :( anyone who knows the solution pls help me.. coz i cant uninstall my applications due to this kind of problem.. thanks!! ;)

Thanks for all the removal info guys, but ive already restarted my phone (it was sending itself via SMS so i removed my SIM) and now it loops on startup. Can anyone help?

hey i got about 30 virus programmes which i collected frm cinema halls, pubs etc and also the skull x ray virus and cabires
i dont think i should put it here for some one will mis use it but for study i can share if the moderator allows
i dont wanna get banned
pm me

i need new viruses for my study!!!

need a new viruses for my study!!