A virus called RedBrowser.A has been discovered, and what makes it so special is that it is the first mobile malware designed to steal money. Although the Russian-based, proof-of-concept trojan is not deemed by security experts to pose any kind of immediate threat, its arrival may herald the coming of an alarming trend. RedBrowser is the first mobile threat to target mass-market phones, meaning that it is OS independent. It signifies that virus writers are widening their reach, and no longer only targeting smart phones alone.
RedBrowser is a Java applet that fakes a mobile web browser that uses Short Message Service (SMS) rather than GPRS/3G to transmit web pages, experts said.
Users allegedly can visit Wireless Application Protocol (WAP) sites, even though they do not have a connection. To get connected, the trojan says it must send an SMS to transfer data.
However, the malware keeps sending the text messages to premium rate numbers – controlled by the hacker – and users are hit with a $5 to $6 charge per message. They only find out about the fees when they get their monthly phone bill, McAfee said.