Miscreants have created a Trojaned version of a Windows mobile game that makes expensive international phone calls from compromised smartphones.
Pirated versions of 3D Anti-terrorist action, a first-person shooter developed by Beijing Huike Technology in China, and uploaded onto several Windows Mobile freeware download sites, come with a nasty add-on courtesy of Russian virus writers. Compromised phones start attempting to silently make expensive international calls without user involvement, as reported in a thread on the XDA-Developers' forum, featuring the experience of a UK victim of the Trojan.
Analysis of the malware by Finnish security firm F-Secure reveals that the malicious code initiates several phone calls to international premium-rate numbers. Presumably VXers receive a percentage of the resulting revenue.
In any case, F-Secure Mobile Security has been updated to detect and block Trojanized versions of this game. Other anti-virus firms can be expected to follow, though the best defence is not to download copies of the game in the first place, of course.
A full write-up of the threat, complete with screenshots, can be found in an informative blog posting by Mikko Hypponen, chief research officer at F-Secure, here.
Using illicit copies of mobile games to trick users into downloading malware has happened before, albeit infrequently, and is far from restricted to Windows mobile devices. F-Secure compares the latest Trojan mobile game to a game called Mosquitos from six years back that bit users of Symbian smartphones by sending premium-rate SMS messages.