F-Secure malware experts been working on an interesting Symbian worm over the last few days. It affects S60 2nd Edition phones. The SymbOS/Beselo family of worms spread via MMS and Bluetooth using social engineering to trick users into installing an incoming SIS application installation file. The filenames used by Beselo are beauty.jpg, sex.mp3, and love.rm.
But what makes Beselo interesting is that instead of a standard SIS extension the Beselo family uses common media file extensions. This leads the recipient believe that he is receiving a picture or sound file instead of Symbian application. He is then far more likely to answer “yes” to any questions the phone prompts after clicking on such an incoming file.
Beselo worms are compiled for S60 2nd Edition phones. Attempting to open the file on a 3rd Edition phone will likely cause an error message rather than an installation prompt.