A good deal of this year's mobile malware is being developed in China. And Chinese mobile malware tends to include stuff such as backdoors, password stealers and spy tools.

Knowing that Chinese malware likes to spy, we've been keeping an eye out for various functions, such as photo scraping. Stealing photos from a phone could be used for harassment and blackmail.

We didn't have to look for long. A member our Threat Response team just found something interesting in a Symbian malware sample.

We recently did an analysis on a trojan, AdSMS, that's been spreading for the last week or so and thought it might make an interesting contrast to the rash of trojanized Android apps that we've been seeing lately.

AdSMS is distributed via a malicious link in a spammed SMS message. The malware appears to be targeted to Android users in mainland China, as the SMS is faked up to look like it's from a major Chinese telecom network and the download link deliberately spoofs a domain name associated with the network.

On March 17th, we noted a new man-in-the-mobile attack, SpyEye edition.

Here are the notes from our Threat Research team:

Q: What is "social spam"?
A: Social spam is spam that uses social networking, media and news related websites to spread links.

Q: Links? You mean stuff like those links I see on Facebook saying something like "OMG! Father catches his daughter on webcam"?
A: Yes. Those links.

Q: And just how does spreading salacious links payoff for the social spammer?
A: First, let's discuss how e-mail spam works.

Q: Well… alright then, what about e-mail spam?

Stuxnet continues to be a hot topic. Here's an updated set of Questions and Answers on it.

Q: What is Stuxnet?
A: It's a Windows worm, spreading via USB sticks. Once inside an organization, it can also spread by copying itself to network shares if they have weak passwords.

Q: Can it spread via other USB devices?
A: Sure, it can spread anything that you can mount as a drive. Like a USB hard drive, mobile phone, picture frame and so on.

Q: What does it do then?

For those of you that think every iPhone application must be approved by Apple's App Store guardians… think again.

Here's an application called SpoofCard:

SpoofCard allows smartphone users to spoof their caller ID. This is not exactly new. There was a bit of press coverage one year ago.

XDA-Developers member Chet Striker recently tweeted about his mobile espionage suite called Phone Creeper.

Version 0.95 was released today.

Phone Creeper is a Windows Mobile application (also being developed for Android).

Facebook CEO, Mark Zuckerberg, has announced on their blog that the site will soon be offering new features and controls. The features include New Facebook Groups, a Dashboard for Applications, and the ability to Download Your Information.

#1 — Why the "new" Groups? According to Zuckerberg, people frequently tell them:

"I'd share this thing, but I don't want to bother 250 people. Or my grandmother. Or my boss."

1         Executive Summary

We at TrustDefender Labs have been analysing various transactional Trojans for quite a while, and lately Zeus has been at the top of the class with a massive feature-set and a massive distribution network. Why create a new Trojan if the existing ones are still highly effective?

Say you're a social media spammer that drives traffic towards CPAlead.com surveys…

What do you do when English speakers are increasing desensitized towards Facebook spam?

Language localization!

We're currently seeing a run of Facebook spam that uses the following subject:

"Voi paska, katso miten kävi kun isä näki tyttärensä webcam-esityksen"