TNM
Member
Registered: 5th Apr 04
Location: Nottingham Drives: VW Tiguan
User status: Offline
|
The first worm to target smartphones asks users for permission to install itself
A recently created "concept virus" designed to show that a worm could spread between smart phones won't get very far in the real world, antivirus companies said on Tuesday.
As previously reported, the so-called Cabir worm is written for the Symbian operating system, the OS used in a majority of smartphones -- devices that combine the features of a cellphone and a personal digital assistant. The worm's creators sent a copy of it to antivirus researchers on Monday, and it's not yet known if the program has made its way to the general public.
Some researchers initially thought Cabir would automatically run on phones based on the Symbian OS, but an analysis of the program has changed that assessment. In order for the worm to spread, said Kevin Hogan, senior manager for security company Symantec, the user of a targeted phone has to approve of a download from an unknown source.
"The way in which [this worm] replicates itself will severely limit its spread, even if [the worm] was to be made public," Hogan said. "It is not relying on a vulnerability in the operating system; it is relying on the underlying vulnerability of the person who is using" the OS.
To propagate, the worm has to clear three hurdles, Hogan said. First, the target device's user must allow the infected phone to connect to the target device through the Bluetooth wireless protocol. Then, the potential victim must accept the data for download. Finally, the user has to agree to install the application.
"We still haven't seen this thing in the wild," Hogan said. "So far, it is what we call a 'zoo virus' -- it is only in the hands of researchers and the person that wrote it."
While the worm is not likely to spread, antivirus companies warned that other virus writers may use it as a departure point for their own development, placing the digital code at the beginning of a chain of evolution that could result in an actual threat to users of smart phones.
"We see it as a pretty significant step forward," said Vincent Gullotto, vice president of Network Associates' antivirus emergency response team. Two other minor variants of the program, which remove extraneous code, have appeared already, he said.
"The saving grace is that you have to accept the program, it just doesn't show up on your machine," Gullotto said.
Cabir uses components of Nokia's Series 60 development platform, a platform used not only by Nokia but also by other major smart phone manufacturers, including Siemens, Samsung, Sendo and Panasonic. Symantec and other antivirus companies confirmed that, theoretically, the worm could spread between Nokia Series 60 phones running Symbian 6.1 or higher. Security company Network Associates found that the program could infect a Nokia 6600 phone.
Representatives of Symbian and Nokia were not immediately available for comment.
Even if Cabir could spread quickly, it might not gain much traction because smart phones still have not taken off, especially in the United States. Symbian's operating system currently dominates the smart-phone market, which remains small, representing only a thin slice of the more than 1 billion cellphones in circulation. The Symbian OS is expected to battle a similar product from Microsoft for the lead in the operating system market through the end of the decade.
Threats like the Cabir worm could be further stymied by Symbian Signed, a new campaign that will require all applications for the Symbian platform to be digitally signed, attesting that the company has looked at the code. Users could refuse to install any unsigned applications.
Cabir doesn't have a destructive payload, but it constantly scans for other Bluetooth devices it can target, severely shortening the battery life of any system it's already infected, according to Symantec's analysis.
More info here.
http://news.zdnet.co.uk/internet/security/0,39020375,39157752,00.htm
|
barry_kellett99
Member
Registered: 19th May 03
User status: Offline
|
did anyone read it all?
|
TNM
Member
Registered: 5th Apr 04
Location: Nottingham Drives: VW Tiguan
User status: Offline
|
and more here as well:
http://news.zdnet.co.uk/internet/security/0,39020375,39157658,00.htm
|
Nismo
Member
Registered: 12th Sep 02
User status: Offline
|
http://news.bbc.co.uk/1/hi/technology/3809855.stm
but its all crap really.
same thing was said about palms and there viruses never hit off.
|
Natalie
Member
Registered: 5th Nov 03
Location: Oxfordshire Drives: Vauxhall Tigra 1.8
User status: Offline
|
Too much to read 
|
TNM
Member
Registered: 5th Apr 04
Location: Nottingham Drives: VW Tiguan
User status: Offline
|
quote:
Originally posted by Nismo
http://news.bbc.co.uk/1/hi/technology/3809855.stm
but its all crap really.
same thing was said about palms and there viruses never hit off.
But i think with blue tooth people will start to send a few more virus' around and it will take off in the newxt two years or so.
|
Nismo
Member
Registered: 12th Sep 02
User status: Offline
|
we shall see , easy antivirus - dont enable bluetooth or dont accept anything.
|
TNM
Member
Registered: 5th Apr 04
Location: Nottingham Drives: VW Tiguan
User status: Offline
|
quote:
Originally posted by Nismo
we shall see , easy antivirus - dont enable bluetooth or dont accept anything.
indeed. but you tell them that . . .
|
lucy.w
Member
Registered: 27th May 04
Location: leeds
User status: Offline
|
no read first line then saw the rest and thought no way
|
rstrich
Member
Registered: 2nd Jun 04
Location: Hartlepool now :D
User status: Offline
|
it's a hoax, check the antivirus site.
|
TNM
Member
Registered: 5th Apr 04
Location: Nottingham Drives: VW Tiguan
User status: Offline
|
quote:
Originally posted by rstrich
it's a hoax, check the antivirus site.
its not a fcuking hoax 
Cant you read?
Its not the one people post on here ten times a day that was a hoax.
|
