Content
PalmOS/LibertyCrack
- Type
- Trojan
- SubType
- File Deletion
- Discovery Date
- 08/28/2000
- Length
- 2,663
- Minimum DAT
- 4094 (09/06/2000)
- Updated DAT
- 4094 (09/06/2000)
- Minimum Engine
- 5.1.00
- Description Added
- 08/28/2000
- Description Modified
- 09/05/2000 7:16 PM (PT)
Tab Navigation
Characteristics
This trojan affects handheld devices running the PalmOS operating system. This includes devices manufactured by Palm, Handspring, IBM, TRG, and Symbol Technologies.
It arrives masquerading as a "crack" for an application called "Liberty" which allows a PalmOS device to run Nintendo GameBoy games. The crack claims to convert the freely available shareware version of "Liberty" into the full registered version. When run, however, the trojan attempts to delete all applications from the handheld and then reboot it.
AVERT recommends that PalmOS users add ".PRC" to the file extensions scanned, for protection.
The trojan was initially distributed on IRC by a co-author of the "Liberty" application.
Symptoms
On a PalmOS device, the trojan will appear in the launcher with the same icon as the "Liberty" application and the name "Crack 1.1".
On a PC, the trojan will appear as a file named "liberty_1_1_crack.prc" with a size of 2,663 bytes.
Method of Infection
The trojan is generally installed to a PalmOS device from a host computer during a HotSync operation. It can also be beamed from one Palm device to another via infrared. It is possible for OmniSky wireless internet users to receive this trojan via e-mail as an attachment.
Removal
Use specified engine and DAT files for detection and removal with the scan "all files" setting enabled. The trojan may also be deleted from the PalmOS device manually.
Variants
Variants
N/A
All Information
Overview -
This is a trojan detection. Unlike viruses, trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted. The most common installation methods involve system or security exploitation, and unsuspecting users manually executing unknown programs. Distribution channels include email, malicious or hacked web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc.
Aliases
- Liberty Crack
- liberty_1_1_crack.prc
- Palm.Liberty.A
- Palm/Liberty-A
- Palm_Liberty.A
- Trojan.Palm.Liberty
Characteristics
Characteristics -
This trojan affects handheld devices running the PalmOS operating system. This includes devices manufactured by Palm, Handspring, IBM, TRG, and Symbol Technologies.
It arrives masquerading as a "crack" for an application called "Liberty" which allows a PalmOS device to run Nintendo GameBoy games. The crack claims to convert the freely available shareware version of "Liberty" into the full registered version. When run, however, the trojan attempts to delete all applications from the handheld and then reboot it.
AVERT recommends that PalmOS users add ".PRC" to the file extensions scanned, for protection.
The trojan was initially distributed on IRC by a co-author of the "Liberty" application.
Symptoms
Symptoms -
On a PalmOS device, the trojan will appear in the launcher with the same icon as the "Liberty" application and the name "Crack 1.1".
On a PC, the trojan will appear as a file named "liberty_1_1_crack.prc" with a size of 2,663 bytes.
Method of Infection
Method of Infection -
The trojan is generally installed to a PalmOS device from a host computer during a HotSync operation. It can also be beamed from one Palm device to another via infrared. It is possible for OmniSky wireless internet users to receive this trojan via e-mail as an attachment.
Removal -
Removal -
Use specified engine and DAT files for detection and removal with the scan "all files" setting enabled. The trojan may also be deleted from the PalmOS device manually.
Variants
Variants -
N/A
