According to Symantec, an infected handheld device will transmit its IP address through a backdoor, or security hole, over the Internet to the attacker. It will then open a communications channel on port 44299 and await further instructions from the attacker.
Both Symantec and Kaspersky Labs say the backdoor works with handhelds built with the widely used ARM CPU.
Symantec has classified the threat posed by the Trojan as a 1, the lowest ranking on its scale of 1 to 5.
Both Symantec and Kaspersky Labs say they have updated their antivirus signatures to protect customers against this new threat.
Oliver Friedrichs, senior manager of Symantec Security Response, says the Trojan was submitted to Symantec for analysis from one of its virus sample exchange networks. He says the Trojan hasn't been spotted on the Internet yet.
As with all Trojan horses, this one doesn't spread on its own, so PDA users need to be enticed to download the malicious application or open an E-mail attachment that contains it. Says Friedrichs, "Users shouldn't open or execute files from unknown sources."