First Trojan To Target WindowsCE PDAs Emerges

The malicious code will let an attacker gain control of the handheld device.

George V. Hulme, Contributor

August 5, 2004

1 Min Read
InformationWeek logo in a gray background | InformationWeek

The first backdoor Trojan horse designed to attack Pocket PC PDAs running the WindowsCE operating system has been discovered, several antivirus companies said on Thursday. The Trojan was named Backdoor.Bardor.A by antivirus firm Symantec and Backdoor.WinCE.Brador.a by antivirus firm Kasperky Labs. Once installed on a Pocket PC device, it allows an attacker to gain control over the device once it is restarted and connected to the Internet.

According to Symantec, an infected handheld device will transmit its IP address through a backdoor, or security hole, over the Internet to the attacker. It will then open a communications channel on port 44299 and await further instructions from the attacker.

Both Symantec and Kaspersky Labs say the backdoor works with handhelds built with the widely used ARM CPU.

Symantec has classified the threat posed by the Trojan as a 1, the lowest ranking on its scale of 1 to 5.

Both Symantec and Kaspersky Labs say they have updated their antivirus signatures to protect customers against this new threat.

Oliver Friedrichs, senior manager of Symantec Security Response, says the Trojan was submitted to Symantec for analysis from one of its virus sample exchange networks. He says the Trojan hasn't been spotted on the Internet yet.

As with all Trojan horses, this one doesn't spread on its own, so PDA users need to be enticed to download the malicious application or open an E-mail attachment that contains it. Says Friedrichs, "Users shouldn't open or execute files from unknown sources."

About the Author

George V. Hulme

Contributor

An award winning writer and journalist, for more than 20 years George Hulme has written about business, technology, and IT security topics. He currently freelances for a wide range of publications, and is security blogger at InformationWeek.com.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights