How do the new Symbian Antivirus/Security-app hacks work?

Since the Dr.Web antivirus hack for Symbian appeared a few days ago, a new, similar hack has been coming out every other day. Interestingly, all these hacks have one thing in common – they all use an Antivirus/Security app and ROMPatcher. So what is the mechanism behind all these simple workarounds that have made a mockery of the so-called “Symbian security”?
Well, it is quite simple to understand –

To hack/override Symbian security we need to place some hacking files (ROM Patcher drivers – .ldd files in this case) inside specific system folders (sys/bin) of the “C:” drive. Unfortunately, these folders are not normally accessible (via any file manager) due to ridiculous “security reasons” (Symbian Signed does not issue file managers a certificate with the “All files” capability, which is required for “read/write” access to system folders).

However, antivirus and other security-suite apps for Symbian need full system access to scan for and remove any virus/malware infection. Thus Symbian Signed has to issue an “All files” capability certificate to all such apps, and this has been their undoing.
Hackers exploited this capability of these apps. How? When an antivirus app finds an infected file during scanning, it neutralizes the file by changing its extension and sends it to the “Quarantine” folder (the name may differ from app to app). The app also creates a log file containing details of the infected files and their original locations. Here is what the hackers do: they change the extension of three .ldd files to pass them off as quarantined infected files and create a log/index file that gives their original location as C:/sys/bin. Then they place the three .ldd files and the index/log file inside the app-specific quarantine folder. After that: install the app and copy the quarantine folder created above to a specific location on the phone – launch the app and restore the three .ldd files (to C:/sys/bin) via Options/Quarantine/Mark all/Restore – exit the app – install ROM Patcher – launch it and apply the patches via Options/All patches/Apply – done. Simple!

You can even create your own hack with any of the antivirus apps available for Symbian using the above method.
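
The root problem in the mechanism above is that the restore step trusts whatever index file it finds in the quarantine folder. The sketch below is an added example, not code from the original post or from any of the apps mentioned: it shows one way a scanner could refuse index entries it did not write itself and refuse restores into system folders. The index field names, the key handling and the protected-directory list are assumptions.

```python
import hashlib
import hmac
import ntpath

# Assumption: directories a restore may never target. The post names only
# C:/sys/bin; the other two entries are illustrative.
PROTECTED_DIRS = ("\\sys", "\\resource", "\\private")


def record_tag(key, stored_name, original_path, content):
    """MAC that binds a quarantined file's bytes to the path it was taken from."""
    msg = b"\0".join([stored_name.encode(), original_path.lower().encode(),
                      hashlib.sha256(content).digest()])
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def restore_decision(key, entry, content):
    """Return (allowed, reason) for one entry (a dict) read from the index file."""
    expected = record_tag(key, entry["stored_name"], entry["original_path"], content)
    supplied = str(entry.get("tag", ""))
    if not hmac.compare_digest(expected.encode(), supplied.encode()):
        return False, "entry was not written by this scanner"
    # Normalise separators, case and ".." before applying the path policy.
    path = ntpath.normpath(entry["original_path"].replace("/", "\\"))
    rest = ntpath.splitdrive(path)[1].lower()
    if any(rest == d or rest.startswith(d + "\\") for d in PROTECTED_DIRS):
        return False, "restore target is a protected system directory"
    return True, "ok"


if __name__ == "__main__":
    key = b"constructed-demo-key"  # assumption: kept where only the scanner can read it
    body = b"constructed sample bytes"
    genuine = {"stored_name": "0001.q", "original_path": "C:\\Data\\game.sis"}
    genuine["tag"] = record_tag(key, "0001.q", genuine["original_path"], body)
    # Constructed entry of the kind the post describes: no valid tag, system target.
    planted = {"stored_name": "0002.q", "original_path": "C:/sys/bin/example.ldd",
               "tag": "00" * 32}
    for e in (genuine, planted):
        print(e["original_path"], restore_decision(key, e, body))
```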
