December 9th, 2004, 01:01 PM
#1
Senior Member
Symbian OS cabir and skulls
I was searching for the recently discovered Skulls virus for Symbian OS. I was basically looking for some information on its working or source code. This is what I found:
SYMBIAN OS:
Symbian OS is an operating system with associated libraries, user interface frameworks and reference implementations of common tools, produced by Symbian. It is a descendant of Psion's EPOC.
There are multiple user interface flavours that use the Symbian OS, such as UIQ and Nokia's Series 60. The adaptability of the user interface enables the use of Symbian OS on various form-factors of hand-held devices: clam-shell or tablet, keyboard and/or pen, PDA or mobile phone, and others.
Symbian OS is structured like many desktop operating systems, with pre-emptive multitasking, multithreading and memory protection.
Programming:
Symbian OS's flavour of C++ is very specialised, and quite hard to program. However, for those wanting an easier life, Symbian OS devices can also be programmed in OPL, Python, Visual Basic, Simkin and Perl - together with the J2ME and Personal Java flavours of Java.
First worm discovered:
In 2004 the first worm for mobile phones using Symbian OS, Cabir, was developed, which used Bluetooth to spread itself to nearby phones.
Cabir (also known as EPOC.cabir and Symbian/Cabir) is the name of a computer worm developed in 2004 that is designed to infect mobile phones running Symbian OS. It is believed to be the first computer worm that can infect mobile phones. When a phone is infected with Cabir, the message "Caribe" is displayed on the phone's display, and is displayed every time the phone is turned on. The worm then attempts to spread to other phones in the area using wireless Bluetooth signals.
The worm was not sent out into the wild, but sent directly to anti-virus firms, who believe Cabir in its current state is harmless. However, it does prove that mobile phones are also at risk from virus writers. Experts also believe that the worm was developed by a group who call themselves 29A, a group of international hackers, as a "proof of concept" worm in order to catch world attention. It failed to infect any of its targets.
Skulls virus and its working:
Skulls is a malicious SIS file trojan that will replace the system applications with non-functional versions, so that all but the phone functionality will be disabled.
The Skulls SIS file is named "Extended theme.SIS", it claims to be theme manager for Nokia 7610 smart phone, written by "Tee-222".
If Skulls is installed it will cause all application icons to be replaced with picture of skull and cross bones, and the icons don't refer to the actual applications any more so none of the Phone System applications will be able to start.
This basically means that if Skulls is installed only the calling from the phone and answering calls works. All functions which need some system application, such as SMS and MMS messaging, web browsing and camera no longer function.
Description:
The Skulls SIS file does not contain any malicious code as such; it is just a Symbian installation file that installs critical system ROM binaries onto the C: drive with exactly the same names and locations as on the ROM drive.
The Symbian operating system has a feature which causes any file on the C: drive to replace the file on the ROM drive with an identical name and location.
The application files installed by Skulls are normal Symbian OS files extracted from the phone ROM. The malicious part is in the AIF (Application Info and icon) file which comes with the applications. Instead of correct AIF file the Skulls SIS will install AIF file that has Skulls and crossbones as icon and instead of real application it will point to nowhere.
Disinfection
If you have not rebooted the phone after installing "Extended theme.sis"
Currently the only known method of uninstall works if you have some third party file manager installed into your phone.
1. Go to c:\System\apps\appinst and delete
c:\System\apps\appinst
c:\System\apps\menu
c:\System\apps\mce
2. Open the applications menu
3. Look for web browser, its icon should still be normal
4. Download F-Secure Mobile Anti-Virus for your device
http://www.europe.f-secure.com/estore/avmobile.shtml
or with mobile itself
http://mobile.f-secure.com
5. Install F-Secure Mobile Anti-Virus
6. Start F-Secure mobile Anti-Virus
7. Scan your device to remove malicious AIF files
8. Go to application manager
9. Uninstall "Extended theme.sis"
If you have rebooted the phone or don't have a third party file manager installed
1. Make sure you have Nokia PC-Sync installed and functional
2. Download PC file manager from http://www.epocware.com
3. Using PC file manager delete
c:\System\apps\appinst
c:\System\apps\menu
c:\System\apps\mce
4. Download and install F-Secure Mobile Anti-Virus for your device
http://www.europe.f-secure.com/estore/avmobile.shtml
5. Start F-Secure mobile Anti-Virus
6. Scan your device to remove malicious AIF files
7. Go to application manager
8. Uninstall "Extended theme.sis"
Programming:
I tried searching for source code for Skulls and Cabir but it is not available. If you are interested in programming Symbian OS, here are a few cool links.
http://www.forum.nokia.com/main/0,,1_32_30,00.html (this is a cool one; also, I heard about Nokia training on Symbian OS programming, so just in case anyone is interested, check that out too)
http://www.symbian.com/developer/tec..._technique.asp
That is all.
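The override behaviour described in the post (a file on C: with the same name and location as a ROM file takes its place) can be checked for in a file listing exported from the phone. This is an added example, not part of the original post or of any vendor tool; the listings are constructed, and Z: as the ROM drive letter and case-insensitive path matching are assumptions.

```python
import ntpath

# Constructed sample listings (not taken from a real device).
# Assumption: Z: is the ROM drive and C: is the writable user drive.
ROM_FILES = [
    r"Z:\System\Apps\Menu\Menu.app",
    r"Z:\System\Apps\Menu\Menu.aif",
    r"Z:\System\Apps\Mce\Mce.app",
    r"Z:\System\Apps\Mce\Mce.aif",
    r"Z:\System\Apps\AppInst\AppInst.app",
    r"Z:\System\Apps\AppInst\AppInst.aif",
]
C_FILES = [
    r"c:\System\apps\menu\menu.aif",
    r"c:\system\apps\mce\mce.aif",
    r"c:\System\apps\appinst\appinst.app",
    r"c:\Nokia\Images\holiday.jpg",        # user data, no ROM counterpart
    r"c:\System\apps\MyGame\MyGame.app",   # third-party app, no ROM counterpart
]

def drive_relative(path):
    """Drop the drive letter and fold case (case-insensitive match is assumed)."""
    _drive, rest = ntpath.splitdrive(path)
    return rest.replace("/", "\\").lower()

def find_rom_shadows(c_files, rom_files):
    """Return C: files whose name and location match a ROM file exactly."""
    rom_index = {drive_relative(p) for p in rom_files}
    return sorted(p for p in c_files if drive_relative(p) in rom_index)

def triage(c_files, rom_files):
    """Group shadowing files by application directory and flag replaced AIFs."""
    report = {}
    for path in find_rom_shadows(c_files, rom_files):
        app_dir = ntpath.dirname(drive_relative(path))
        entry = report.setdefault(app_dir, {"files": [], "aif_replaced": False})
        entry["files"].append(path)
        if path.lower().endswith(".aif"):
            entry["aif_replaced"] = True
    return report

if __name__ == "__main__":
    for app_dir, entry in triage(C_FILES, ROM_FILES).items():
        flag = "AIF replaced" if entry["aif_replaced"] else "binary only"
        print(f"{app_dir}: {flag}: {entry['files']}")
```

Files that exist only on C: (user data, third-party applications) are not reported; only paths that collide with a ROM path are.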