Home>Network Worms>Internet Worms>

Worm.SymbOS.Cabir.b

tag:Internet Worms

In order for a device to become infected, the user has to accept the malicious file twice:

When installing, the malicious program will display the following two messages:

During installation, the worm will drop the following files to the phone:

C:\system\apps\OIDI500\OIDI500.aif
In order to delete this malicious program, install a file manager application which provides the option to view hidden and system files. Then delete the files listed below:
```
C:\system\apps\OIDI500\OIDI500.aif
C:\system\apps\OIDI500\OIDI500.app
C:\system\apps\OIDI500\OIDI500.mdl
C:\system\apps\OIDI500\OIDI500.rsc
C:\SYSTEM\SYMBIANSECUREDATA\CARIBESECURITYMA\CARIBE.SIS
```
Once the files have been deleted, reboot the phone.

This malicious program is a womr which runs under Symbian. The worm itself is a SIS file. The file is 10,000 bytes in size.

The file spreads via Bluetooth.
Payload

next:none
previous:Worm.SymbOS.Cabir.c

Virus Source from:

New articles

Net-Worm.Win32.Kido.irThe kido worm family creates files autorun.inf and RECYCLED{SID<....>}RANDOM_NAME.vmx on removable drives (sometimes on public network shares) Net-Worm...MS10-061MS10-061 is not categorized as virus, worm, Trojan or backdoor. It is a critical vulnerability in the Windows Print Spooler service on Wind...MS10-062MS10-062 is not categorized as virus, worm, Trojan or backdoor. It is a critical vulnerability in MPEG-4 codec on Windows 2008/vISTA/2003/XP computers, wh...MS10-063MS10-063 is not categorized as virus, worm, Trojan or backdoor. It is a critical vulnerability in the Unicode Script Processor on Windows 2...Autorun.AOLAdditionally, it has backdoor characteristics, as it attempts to connect to an IRC channel in order to receive instructions from its creator, such as downloadin...

Hot Articles

Worm.SymbOS.Cabir.b

Computer Virus Clounds