Porn Dialer Trojans Make a Comeback in the Mobile Space
YNOT – If you thought surreptitious porn dialers died along with dial-up internet connections, think again. Trojans capable of costing web surfers hundreds or thousands of dollars by “dialing for porn” without the user’s knowledge have popped up in a new realm: mobile phones.
Security firm CA (formerly Computer Associates International Inc.) last week alerted cellular users to a new type of “dialer” that employs a code snippet written in Sun’s Java 2 Micro Edition language. The snippet appears as a Java MIDlet, often delivered along with an app the user intended to download. However, once loaded, the piggyback app automatically sends SMS messages to premium numbers. Users may not be aware their phones have been infected until they receive an exorbitant text-messaging bill, according to CA researcher Akhil Menon.
“In our malware analysis lab we have been observing an increasing trend of Trojan dialers that target mobile devices … to send SMS messages to high-cost numbers,” Menon noted on the CA blog. “Similar to its ancestors, most of them are related to pornographic message centers.
“As soon as the application is loaded, this malicious software starts to send premium text messages. …[T]he messages sent out are in the typical format to invoke premium services and land the mobile user with heavy mobile bills without the user’s knowledge and consent.”
CA’s security software detects the malware as Trojan Java/Swapi.B.
“Exercise caution while downloading mobile applications from the Internet, and refrain from using any that come from a non-trusted source,” Menon warned.