Ad Banner

Mobile Phone Virus Spread Cause Effect and Prevention

Spreading Cause Effect and Prevention of Mobile Phone Virus

Mobile phone virus is an infectious and destructive mobile phone program, which can be cleaned and killed by antivirus software, and can also be uninstalled manually. It can be transmitted by sending SMS, MMS, e-mail, browsing websites, downloading ringtones, Bluetooth, etc., which will cause the user's mobile phone to freeze, shut down, delete personal information, send out spam to leak personal information, automatically call the phone The malicious deduction of short (MMS) messages, etc., may even damage the hardware such as SIM cards and chips, resulting in the user's inability to use the phone normally. The earliest mobile phone virus in history appeared in 2000.
[Mobile Security Guide]

Common Name:    Cell phone virus

English name:    Mobile phone virus

Infected system:    iOS, Android, WP, etc.

Protection method:    Antivirus software, unknown links, etc.

Features:    Infectious and destructive

Earliest origin:    2000

Table of Content

    1 Development history

    2 Working principle

    3 Mode of Transmission (Spread)

    4 Well-known viruses

    5 Viral symptoms

    6 Examples of viruses

    ▪ Type

    ▪ Impact

    7 Attack target

    8 Hazard

    9 Prevention

    10 Clear

    11 Virus SMS

    ▪ Principle

    ▪ Hazard

    ▪ Identification

    ▪ Prevention

    ▪ Catch the suspect

What is the Development History of Mobile Phone Virus?

At that time, the mobile phone company Movistar received a large number of harassing text messages called "Timofonica" sent by the computer. The virus sent spam and other spam messages to users in the system through the mobile system of the Spanish telecommunications company "Telefonica". 

In fact, the virus can only be counted as a SMS bomb at most. 
The real mobile phone virus did not appear until June 2004, that is, the "Cabir" worm virus. 
This virus is copied through the Nokia s60 series mobile phones, and then constantly looking for mobile phones with Bluetooth installed. After that, cell phone viruses began to spread. 

Mobile phone viruses are inspired and influenced by PC viruses, and there are so-called hybrid attacks. 

According to a survey report by McAfee, an IT security vendor, the number of mobile phone users worldwide who have been attacked by mobile phone viruses in 2006 has reached about 83%, a five-fold increase from 2003.

What is the Working Principle of Mobile Phone Virus?

The software in the mobile phone, the embedded operating system (the operating system solidified in the chip, generally written in languages ​​such as JAVA, C ++), is equivalent to a small intelligent processor, so it will be subject to virus attacks. 
Moreover, text messages are not just simple text, including information such as ringtones and pictures of mobile phones, which need to be interpreted by the operating system in the mobile phone and then displayed to mobile phone users.

Mobile phone viruses invade mobile phones through software system vulnerabilities.

To spread and run mobile phone viruses, the necessary condition is that mobile service providers must provide data transmission functions, and mobile phones need to support Java and other advanced program writing functions. 
Many mobile phones with Internet access and download functions may be invaded by mobile phone viruses.

What is the Propagation mode of Mobile Phone Virus?

Propagation using Bluetooth: "Kapol" virus will modify the system settings of the smart phone, automatically search for the existence of vulnerabilities in neighboring mobile phones through Bluetooth, and carry out attacks.
Infect the mobile phone executable file on the PC: After the "Velasco" virus infects the computer, it will search for the SIS executable file on the computer's hard disk and infect it.
Use MMS multimedia information service to spread :.
BUG attack using mobile phones: This kind of virus is generally run on the "EPOC" of portable information equipment, such as "EPOC-ALARM", "EPOC-BANDINFO.A", "EPOC-FAKE.A", "EPOC-GHOST. A "," EPOC-ALIGHT.A ", etc.

Well-known cell phone virus

CCa tx A World Series (World Pets, World Community, etc.)

This series of Trojans: will privately send a registered SMS, the SMS content contains IMSI and channel identification.

Hazard: Without the user's knowledge, it causes the consumption of tariffs.
MLC gy A Cool Wallpaper Series (Kaleidoscope Live Wallpaper, Galaxy Live Wallpaper, Christmas Live Wallpaper, etc.)

This series of Trojans: Privately send a large number of short messages to multiple numbers.

Hazard: Malicious consumption of tariffs.

CCRa A (Dynamic Beauty Wallpaper, Wonder One Piece Puzzle, Sexy Car Model Look, etc.)

This series of Trojans: Privately create desktop shortcuts for its promotional software download links, and privately download and install on the Internet.

Hazard: Misleading users to download and install, causing tariff consumption.

MDa mj A (3D dazzling moving cube, iCalendar, etc.)

This series of Trojans: Privately send SMS to order SP services, and block SMS messages from operators' receipts.

Hazard: Malicious ordering of payment services, resulting in consumption of tariffs.

MDRa kj A Wanyue apartment series (Jinwu Zangjiao, traveling with beautiful rivers and lakes, peerless soldiers, etc.)

This series of Trojans: Privately customize the SP service, download malicious instructions online, and conduct malicious deductions.

Hazard: Multiple customized payment services, causing a large consumption of tariffs.

PSCa sb A (Seize the island, cell wars, diamond fascination, pull lights, crazy gophers, mine clearance, etc.)

This series of Trojans: telephone signal strength, power change, booting and self-starting, three broadcast reception, start the service UpdateServic, and perform malicious behavior.

Hazard: Try to obtain ROOT permission, download and install rogue software privately, consume user's mobile phone traffic, and steal user's private information.

MSP lx C (cold-blooded sniper, tank battle, crazy knight, super beauty, etc.)

This series of Trojans: self-starting after booting, SMS phone monitoring, phone status change, after making a call and receiving four broadcasts, start the service zjService to perform malicious behavior.

Hazard: Privately download rogue software, install rogue software, steal user's SMS content and call records and mobile phone information, and upload to Trojan server through the Internet.

What are the Mobile Phone Virus Symptoms?

Symptoms of cell phone poisoning

The phone continues to emit warning sounds

Change user information to "Some fool own this"

The screen when the internal hard drive is formatted is displayed on the screen of the mobile phone, which is a scary trick and will not be authentic

Show "Every one hates you" on the screen (Everyone hates you)

Make the background light flash constantly

This is a malignant virus that invalidates key operations.


Send poisonous emails to the mailboxes in the address book, and also send a large number of short messages to the mobile phone through the SMS server.

The phone will freeze or shut down automatically.


When there is an incoming call, Unavaifaule (fault) or some strange characters are displayed on the screen. 
If you pick up the phone at this time, you will be infected with a virus and lose all your data on the phone.


Malicious virus, when the virus attacks, it will use the address book to make outgoing calls or send emails. Even call the police.
Simulation of Mobile Phone Virus

In 2010, the most popular incomplete statistics of mobile phone viruses, "fishing king" steal bank account

This "fishing king" mobile virus named InSpirit.A is packaged in mobile game software. 
After the user is tricked into installing, the virus will generate a local scam message, which makes the user mistakenly receive the notification message from the banking system. 
The content of the message is: "Dear customers, China Merchants Bank reminds you: Your account has 5 incorrect password entries today. 
To avoid damage to your funds, please log in to http: //cmb****.com for account protection.

The SMS sending number is also disguised as a bank number, which is extremely deceptive. If the user is logged in to an illegal phishing website, the bank card account and password may be stolen.

"Mobile phone skull" infected 100,000 smart phones
This virus, which was named LanPackage, was mainly aimed at smartphones with S60 3 operating system, disguised as ordinary application software "System Chinese Language Pack" to trick users to download and install. 
After the phone is poisoned, it will continue to connect to the Internet automatically, and use "Zhang Ziyi's all private room text messages, all at:

http: // xxxxx" and other social hot content to continuously send out MMS messages, inducing users who receive the content to click malicious links to proceed and spread further.

In just over a month, the virus infected more than 100,000 smartphones, causing direct economic losses of more than 20 million yuan.

"SMS Pirate" Seriously Violates Privacy

The "SMS Pirate" virus is a new variant of the "mobile skull" that has previously absorbed the phone bills of countless mobile phone users.

 Even worse than the "mobile phone skull", the SMS Pirate also sends the contents of the owner's inbox to other machine friends, which not only causes a large amount of user tariff losses, but also leads to serious privacy disclosure.

It is conservatively estimated that tens of thousands of smartphones have been infected by the virus, which has brought a large number of users with double losses in tariffs and privacy. 
As a variant, this virus appeared in just over a month, and its function has been greatly improved. It can be seen that the development of mobile phone viruses has entered a "mature stage".

"Straight Flush Thief" went straight to the financial account

"Straight Flush Thief" is mainly aimed at users of the famous stock trading software "Flush Flush". 
As long as after the poisoning, when the user logs in to the flush flush software, his account password will be forwarded to a mobile phone number via SMS, resulting in the loss of the account.

"Old billionaire" consumes user traffic

"Monopoly" pretends to be a game software "Monopoly" to trick computer friends into downloading and installing.
After poisoning, the phone will start every time it is turned on.

In addition to frequent automatic network consumption of user traffic, it will steal the user's IMEI number and other privacy And prevent users from uninstalling normally.

"QQ Stealer" steals account

The virus tricked machine friends into downloading in the name of “QQ Garden Assistant” and “QQ Brush Tool”. After the poisoning, a QQ login box will appear on the mobile phone to entice mobile phone users to enter their QQ account and password. And password are sent to a specific mobile phone number, resulting in the loss of account number and password.

When did Android phone virus first appear?

The mobile phone virus named "Undercover Android Messages" is the first virus that appears in Android phones. 
It can secretly steal SMS content from mobile phones, causing serious leakage of user privacy. 
The emergence of the virus indicates that the Android platform has also become the target of hackers. 
What is more worrying is that the virus variant has also appeared rapidly. Netqin Security Center intercepted its variant SW.Spyware.B in a short time. 
This variant can not only steal text messages, but also monitor user's call records.

What are some examples of Mobile Phone viruses?

Fishing King, Mobile Skeleton, SMS Pirate, Straight Flush Thief, Thousand-Billionaire, QQ Virus, Zombie Cell Phone Virus (Mobile Zombie Virus), CCa.tx.A, MDa.mj.A (3D Xuandong Cube, iCalendar, etc.)

What are the Types of Mobile Phone Viruses?

Mobile phone viruses can be divided into four categories according to the virus form:
1. Viruses transmitted via "wireless transmission" of Bluetooth devices such as "Cabir" and "Lasco.A".

"Cabir" (Cabir) is a network worm that can infect mobile phones running the "Symbian" operating system.
After the virus is found in the mobile phone, the Bluetooth wireless function will be used to scan other neighboring mobile phones with vulnerabilities. 
When the vulnerable mobile phone is found, the virus will copy itself and send it to the mobile phone.

The Lasco.A virus, like the worm virus, is transmitted to other mobile phones via Bluetooth wirelessly. When the user clicks the virus file, the virus is activated immediately.

2. Mobile phone viruses targeting mobile communication providers such as "mosquito Trojan horses".
The virus is hidden in a cracked version of the mobile game "Play Mosquito". Although the virus will not steal or destroy user information, it will automatically dial and send a large amount of text messages to the number in the UK, resulting in a sharp increase in the user's information fee.

3. Viruses targeting mobile phone bugs such as "mobile hackers".
The mobile hacker ( virus spreads via SMS with a virus program. As long as the user views the virus-containing SMS, the phone will automatically shut down immediately.

4. The "Mobile.SMSDOS" virus attacked by SMS or MMS is a typical example of the "Mobile.SMSDOS" virus targeting Siemens mobile phones.
The "Mobile.SMSDOS" virus can be spread by SMS or MMS, which causes errors in the internal program of the mobile phone, resulting in the mobile phone not working properly.

In terms of the impact of current mobile phone viruses, it can be roughly divided into five categories: 

  • Joke
  • Distress
  • Physical damage
  • Money loss
  • Confidentiality injuries

The following will further discuss the various types of mobile phone viruses caused by the five categories. Different damage conditions and dangers.

What are the influences of Mobile Phone Virus?

Joke effect

This type of joke-type mobile phone virus does not generally cause physical or operational damage or impact on the mobile phone.

  •  The screen of the mobile phone keeps flashing: for example, the Lights virus.
  •  The screen displays sensational words or scary icons: for example, the Ghost virus will display the "Everyone hates you" message.
  •  Continuous beeps: For example, False Alarm virus.
  •  Small planes flying around on the screen: for example Sprite virus.
  •  A formatted disk message appears: Fake virus, for example, does not actually cause any harm.
  •  Pretend to download malicious programs: such as Alone virus.
  •  Automatically start phone recording.

Disturbing destruction

The so-called troublesome cell phone virus, although it will not destroy or suspend the physical or operational aspects of the cell phone, will cause troubles in the use of the cell phone and even further prevent the update of the cell phone software.

  •   Sending and receiving spam text messages: Many mobile phone viruses use a lot of spam text messages to attack mobile phones. 
  • Although spam text messages are not necessarily dangerous, they consume the precious time of the recipients and add a lot of trouble, not to mention that spam text messages are likely to hide viruses.
  • Once poisoned, users may also become zombies or accomplices who send spam messages without knowing it. For example, the samurai worm will send a message containing the virus according to the recorded message in the victim's mobile phone.
  •   Prevent any update and download of mobile phones: For example, the Fontal Trojan, by destroying the program manager in the mobile phone system, prevents users from downloading new applications or other updates, and also prevents the mobile phone from deleting viruses.
  •   The application cannot work: For example, the skull Trojan will cause the mobile phone file system or application to not work, and the user must restart the computer.
  •   Consumption of mobile phone power: For example, the piranha (Cabir) worm, through continuous search for other Bluetooth devices, and then exhausted mobile phone power.
  •   Block Bluetooth communication: Block the communication and connection between the mobile phone and any Bluetooth device, such as headphones, printers, or other Bluetooth mobile phones.
  •   Interruption of the operation of the SMS service: The hacker launched a DDoS attack on the MMS server, which caused the SMS service to fail to operate normally. 
  • Symantec said that the very popular Blackberry mobile phone (Blackberry) has been attacked by the server, which caused the user to fail to receive the letter for up to 3 hours.

Physical or operational disruption

The physical or operational damage is a very serious result. 
Not only can users continue to use the phone normally, but the most important thing is the destruction of important data.

  •   Mobile phone crashes: For example, a hacker can launch an attack through a vulnerability in the mobile phone operating system, thereby causing the operating system to shut down.
  •   Mobile phone automatic shutdown: Frequent switching on and off may cause damage to mobile phone parts or life.
  •   Loss of file information: including the loss of files such as phonebook, address book, MP3, games, photos, and picture bells. For example, Skull Head Trojan.
  •   Paralyzed mobile phone anti-virus software: disguised as an update code of an anti-virus manufacturer, tricked users into downloading, and then paralyzed mobile phone anti-virus software.
  •   The key function of the mobile phone is lost: for example, SYMBOS_LOCKNUT Trojan.
  •   Format internal memory: If the mobile phone has a built-in hard disk in the future, it may also face the risk of being formatted.
  •   Hackers obtain mobile phone system permissions: hackers can obtain partial or even full system permissions without the user's consent through the vulnerability of the mobile phone operating system. 
  • For example, the Brador backdoor program specializing in WinCE mobile phones, poisoned mobile phones will be remotely downloaded files by hackers, or even execute specific commands.
  •   Burn out internal chip: It is rumored that once a Trojan is executed, it will cause the mobile phone to automatically shut down, or even burn out the internal chip.
  • However, the information in this regard has not been confirmed and is still rumored.
  •   Destruction of the SIM card: The hacker launched the direct destruction of the SIM card through the vulnerability of the information access length of the early SIM card.

Money Loss due to Cell Phone Virus

As various malicious attacks on PCs began to be linked to monetary benefits, this trend was inevitable on mobile phones. 
Such attacks ranged from increasing telephone costs to heavy losses in online transactions.

. Increasing SMS expenses: Because it becomes a “smart message spammer” controlled by hackers, the cost of SMS is naturally high. For example, flood hacking tools.

. Automatic dialing: For example, in Japanese i-mode, after the user received a malicious MMS. 
He continuously dialed the Japanese emergency number 110, resulting in a waste of social resources and an increase in the user's telephone cost.

. Transferred to an international call: Through Pharming, the hacker directly tampered with the user's mobile phone address book, allowing the user to be inexplicably transferred to another country when making a call, which in turn caused the user's phone bill to rise.

. Tampering with order information: Symantec said that nowadays, users are increasingly buying stocks through mobile phones. So in the future, there may be hackers based on certain interests, such as speculation on specific stocks, and then tampering with users Order information. This, in turn causes users to buy the wrong order or cause investment losses.

Confidentiality Injury due to Cell Phone Virus

The ultimate goal of any security protection is to ensure the security of confidential information, so the leakage of confidential information caused by mobile phone viruses can be said to be the most destructive behavior.

  •   Stealing calendars or address books: Disguise software or games that contain backdoor programs as legitimate software or free software, and trick users into downloading them, thereby stealing important data such as calendars or address books. 
  • For example, the hotel industry’s mobile phone address book of Paris Hilton was stolen under some unknown conditions. 
  • Later, according to expert judgment, it may be caused by the intrusion of hackers through the Bluetooth transmission channel.
  •   Stealing personal privacy photos: In the future, it will not be ruled out that hackers will steal the privacy photos of celebrities through Bluetooth, WiFi or other methods, in order to intimidate or defraud.
  •   Online transaction data leakage: Now you can also conduct online banking or online transactions through mobile phones, so related information may also be exposed to the risk of mobile phone viruses or hacker attacks.

Attack Target through Cell Phone Virus

1. Attack on Internet content, tools, service items, etc. that provide services to mobile phones.
 2. Attacking the WAP server prevents the WAP phone from receiving normal information.
3. Attack and control "gateways" and send spam to mobile phones.
4. Directly attack the mobile phone itself, making the mobile phone unable to provide services.
5. Destroy the application of the mobile phone, the trial software or the game cannot run normally.
6. Stealing personal information on mobile phones and infringing on personal privacy.

What is the Harm through Mobile Phone Virus?

1. The user information is stolen

Today, more and more mobile phone users store personal information on their mobile phones, such as personal address book, personal information, schedule, various network accounts, bank accounts and passwords. 

These important materials will inevitably attract some people with ulterior motives. They will write various viruses to invade the mobile phone and steal important information of users.

2. Spread illegal information

MMS is popular, and it provides convenience for the initial spread of various pornographic, illegal pictures, voices, and movies.

3. Destroy mobile phone hardware and software

The most common hazards of mobile phone viruses are the destruction of mobile phone software and hardware, causing the mobile phone to not work properly.

4. Paralyze the communication network

If the virus infects the mobile phone, the mobile phone is forced to continuously send spam to the communication network where it is located.  This will inevitably lead to the blockage of the communication network information. 
These spam messages will eventually paralyze local mobile communication networks.

What is the Prevention against Mobile Phone Virus?

1. Garbled SMS, MMS, delete

The garbled text messages and MMS messages may contain viruses. Delete them immediately after receiving such text messages to avoid infection with mobile phone viruses.

2. Don't accept strange requests

When using wireless transmission functions such as Bluetooth and infrared to receive information, be sure to choose a safe and reliable transmission object.
 If there is a strange device requesting a connection, it is best not to accept it. 
Because as mentioned earlier, mobile phone viruses will automatically search for devices within wireless range to spread the virus.

3. Ensure the security of the download

There are many resources on the Internet for mobile phone downloads, but some resources are bundled with viruses. 
This requires users to ensure that the download site is safe and reliable when using mobile phones to download various resources.
Try to avoid downloading from personal websites.

4. Choose your phone's own background.

Beautiful background pictures and screensavers are certainly pleasing to the eye, but it is uncomfortable to have viruses in the pictures, so users are better to use the pictures that come with the phone to set the background.

5. Don't browse dangerous websites

For example, some hackers and pornographic websites are inherently very dangerous. Many viruses and Trojans are hidden in them. It is very dangerous to browse such websites with mobile phones.

6. Don't just click on the SMS link

Clicking on the SMS link may expose the phone to a phishing website, causing the phone to be infected with a virus.

7. People using antique machines can be 100% assured

After all, not 100% of people use smart phones, but use "antique machines", that is, those black and white screens, mobile phones that can not connect to the WAP network, you can rest assured that the virus can not infect your mobile phone.

How Can I Clear Mobile Phone Virus?

Cell Phone Virus Removal: The best way to remove virus from the mobile phone is to delete the virus message.
 If it is found that the phone has been infected with a virus, it should be shut down immediately.
 If it freezes, you can remove the battery, and then remove the SIM card and insert it into another type of mobile phone (the mobile phone brand is best to be different). 

After deleting, reinsert the card back to the original phone.

If it is still unavailable, you can contact the mobile phone service provider to disinfect the mobile phone through the wireless website, or through the IC access port or infrared transmission interface of the mobile phone.

Since the use of mobile phones in our country is still in its infancy, the digital processing capabilities (capacity and computing) of mobile phones are not powerful enough to handle and spread viruses independently.
Therefore, viruses can only harass mobile phones through computers, WAP servers, and WAP gateways. 

So as long as you pay attention not to receive garbled calls, try to download information from the Internet as little as possible and you will not have a big problem.

In response to mobile phone viruses, the principle of combining prevention and killing should be adhered to.
Indiscriminately view garbled text messages, indiscriminately download mobile phone software, indiscriminately browse dangerous websites, and inadvertently accept infrared and Bluetooth requests from strangers. 

Once the mobile phone is infected with virus, you should choose professional and authoritative poisoning software for killing as soon as possible. 

The widely recognized anti-virus software in the industry includes anti-virus pioneers, security butlers, and Tencent mobile butlers.

What is Mobile Phone Virus SMS?

In August 2014, super-phone viruses broke out in many places across the country.
Receive a text message with an apk file link sent by an acquaintance, it will be downloaded directly after clicking! 
Suspected cell phone virus, it will automatically spread to the address book after infection, and it will also bring the name in the address book memory, causing the phone to owe money to stop, the text message form is like: "" XXX (owner name) see this, ht: / /********XXshenqi.apk ". If you receive such a virus-containing text message, do not click to download.


The beginning of the message starts with the name stored in the sender's phone address book, and then asks the other party to open a web link. After opening the link, the phone will automatically install a XXshenqi software and start to send this text message to the phone address book in a frenzy, but the name of each message changes with the name of the sender's phone address book. 

What is the Harm of SMS Message Virus?

Allow users to generate a lot of SMS calls for no reason. 

How to Identify SMS Virus?

Internet police said that this is a typical virus SMS. First, the link in the text message starts with CDN and ends with APK. The internet police explained that CDN is a content distribution network, in layman's terms, it is a resource management center. 
Many resources are uploaded here, and users can download them here.
APK is the installation package of the Android system, which is equivalent to the exe file in windows.

What is the Prevention against SMS Virus?

The virus has a low technical content, and security software with permission management functions can intercept SMS messages, and the general antivirus software can also completely remove the virus after uninstallation. 

Catch the suspect

At 1:00 a.m. on August 2, 2014, after 17 hours of rigorous investigation, Shenzhen police quickly found out the true identity of the suspect.

At 18:00 on the 2nd, in a residential area of ​​Longhuan 1st Road, Baoan District, Shenzhen the criminal suspect suspected of making and distributing the "Artifact" mobile phone malicious program was successfully captured. The root cause of the malicious program was immediately ascertained, effectively preventing its continued spread. 

After a preliminary investigation, the suspect's mobile phone contains a large amount of personal personal information (including text messages sent by banks and other institutions, covering the user's name, phone, bank information, fund changes, etc.).
It is estimated that more than 100 users have been affected by the malicious program Million. 

Due to the timely detection, the personal information of citizens who have not been illegally obtained by the suspect has not been found to be used for illegal purposes.

The suspect Li Mou (male, 19 years old, from Hunan, a software engineering student at a university) confessed to the act of making and spreading the malicious program and illegally obtaining citizen personal information. 

Li Mou was criminally detained by Shenzhen Luohu Police for allegedly illegally obtaining personal information of citizens. His behavior was suspected of violating the crime of destroying the computer information system stipulated in Article 286 of the Criminal Law. 

According to relevant judicial interpretations, the mobile phone is a communication device and also belongs to the computer system. 

According to the Criminal Law, deliberately making and disseminating computer viruses and other destructive programs that affect the normal operation of computer systems. 

If the consequences are serious, they may be sentenced to less than five years in prison or detention. If the consequences are particularly serious, they will be sentenced to more than five years.

Post a comment