What is the InfoJack Trojan and How Does it Affect Windows CE machines?
Miscreants have created a Trojan capable of infecting mobile devices running Windows CE.
The InfoJack Trojan spreads by either tricking mobile users into installing seemingly legitimate application installation files or if punters inadvertently use an infected memory card on vulnerable devices. The malware has been spotted circulating in China.
InfoJack disables Windows Mobile application installation security. It sends the infected device's serial number, operating system, and other information to the author of the Trojan (a factor that explains the name of the malware). Infected devices are left vulnerable to the injection of further malware strains by allowing unsigned applications to be installed without a warning.
Read the full Register post here. McAfee has a write up with screenshots:
A Window Mobile PocketPC trojan that disables Windows Mobile application installation security has been discovered in China.
WinCE/InfoJack sends the infected deviceâ€™s serial number, operating system and other information to the author of the trojan. It also leaves the infected mobile device vulnerable by allowing silent installation of malware. The trojan modifies the infected deviceâ€™s security setting to allow unsigned applications to be installed without a warning.
The trojan was packed inside a number of legitimate installation files and distributed widely. It has been distributed with Google Maps, applications for stock trading, and a collection of games.
Read McAfee's write up here.