What is the InfoJack Trojan and How Does it Affect Windows CE machines?

By Tari Akpodiete, Submitted Wednesday, February 27, 2008

According to a post made a short while ago on The Register, users of devices running Windows CE should be worried about InfoJack Trojan.

Miscreants have created a Trojan capable of infecting mobile devices running Windows CE.

The InfoJack Trojan spreads by either tricking mobile users into installing seemingly legitimate application installation files or if punters inadvertently use an infected memory card on vulnerable devices. The malware has been spotted circulating in China.

InfoJack disables Windows Mobile application installation security. It sends the infected device's serial number, operating system, and other information to the author of the Trojan (a factor that explains the name of the malware). Infected devices are left vulnerable to the injection of further malware strains by allowing unsigned applications to be installed without a warning.

Read the full Register post here. McAfee has a write up with screenshots:

A Window Mobile PocketPC trojan that disables Windows Mobile application installation security has been discovered in China.

WinCE/InfoJack sends the infected device’s serial number, operating system and other information to the author of the trojan. It also leaves the infected mobile device vulnerable by allowing silent installation of malware. The trojan modifies the infected device’s security setting to allow unsigned applications to be installed without a warning.

The trojan was packed inside a number of legitimate installation files and distributed widely. It has been distributed with Google Maps, applications for stock trading, and a collection of games.

Read McAfee's write up here.

Login or Register to post comments
Printer-friendly version

Submitted by Guest on February 28, 2008 - 2:01pm.

It is suspicious that McAfee and Norton's both come out with a virus protection for mobile devices the same week that the first ever trojan is found. After further research on McAfee site (Above article) on the trojan and viewing the screen shot for the device, It looks like the Trojan was created before May of 2006, almost 2 years ago and it is on a operating system (CE) that is outdated for a long time. My question is what is the true date of the virus and why telling us now.

Submitted by Tari Akpodiete on February 28, 2008 - 2:16pm.

I don't make the news, I just report it.

I suppose it is possible that there is some vast conspiracy and collusion going on somewhere to do with this, but it's probably not that likely.

And actually, in the business/corporate market, thousands and thousands - if not hundreds of thousands - of devices and equipment run a variety of Windows CE flavours and a daily basis, so it's not 'outmoded' in a great many environments. Our publisher, Hal Goldstein can speak more clearly on this subject as he really knows about who is using what and where.

Submitted by Guest on March 4, 2008 - 12:20am.

CE outdated?
Do you live under a rock?
CE is one of the, if not *the* most used operating systems for mobile/small/embedded devices.
If you didn't know, yet, go figure.

ROFLMAO, good joke in the morning.