Welcome | Sign In
ECommerceTimes.com
Malware

Text Message Replies May Carry Malware

Print Version
E-Mail Article
Reprints
Text Message Replies May Carry Malware

By Susan B. Shor
TechNewsWorld
Part of the ECT News Network
04/05/05 2:59 PM PT

While there may be no way to prevent Mabir.A's attempt to spread, one analyst said infection is not the biggest problem with this malware. "Short of abstaining from text messaging, it isn't clear how a user would prevent the phone from becoming infected," David Friedlander, senior analyst, Forrester Research, told TechNewsWorld.


Tips to Integrate Social Media into Your Day-to-Day Media Monitoring
Is social media part of your PR and marketing strategy? This white paper is filled with tips on how to listen to conversations about your brand in the media (social media, print, TV and internet) using the latest tools and techniques. Download Now.

The latest twist in mobile malware, Mabir.A, poses as a reply to a text message a user has already sent. The virus targets Symbian Series 60 phones just as did CommWarrior and Cabir, the two other know mobile phone viruses, but it is not expected to spread quickly, according to security experts.

Mabir.A has very similar code to Cabir and was probably written by the same person, said F-Secure, the company that discovered the virus. Mabir.A, however, spreads by waiting for an SMS or MMS message to come in. When it does, the virus sends itself as an MMS reply to the sender's phone.

Going Nowhere Fast

"We saw low propagation rates with Cabir and CommWarrior, so I'm expecting that this malware will not spread very quickly either," Ed Moyle, president of SecurityCurve, told TechNewsWorld.

Cabir and CommWarrior searched for Bluetooth-enabled Symbian phones and sent themselves to the phone numbers stored in those devices. Moyle said the virus requires the phone user to install it before it can infect the device, making it unlikely it will become a serious threat.

"When the phone receives Mabir, for example, the user is shown the text, 'Install caribe?' and has the option of specifying either 'yes' or 'no.' Since there isn't any text in the reply message, this would be analogous to receiving an e-mail from someone you know with no content and an executable file attached. In that case, most of the time, the receiver wouldn't run the executable."

Expect More Malware

Mabir.A was discovered by F-Secure, which said that it had not been found in the wild, but cautioned that Cabir's writer said in a magazine interview that he planned to write more mobile phone malware.

While there may be no way to prevent Mabir.A's attempt to spread, one analyst said infection is not the biggest problem with this malware. "Short of abstaining from text messaging, it isn't clear how a user would prevent the phone from becoming infected," David Friedlander, senior analyst, Forrester Research, told TechNewsWorld. "There's no reason to panic, though.

"At this point, mobile phone viruses are few and far between, and don't carry a malicious payload. The real issue is that carriers will get unwanted traffic on their networks. As the viruses become more sophisticated over the next 2-3 years, we may see denial-of-service type attacks on mobile networks."

Print Version E-Mail Article Reprints More by Susan B. Shor

Talkback: Be the first to comment on this story.

Related News Alerts

F-Secure Activate Alert | Search Archives

More by Susan B. Shor

Salesnet President Jonathan Tang Ready to Take On Salesforce.com
February 07, 2006
"We think it's Salesnet's time now. We've been around since the beginning, we've been lying low, but you're going to start to see more of us. We've done it through organic growth and happy customers. We continue to focus on customers." 		Comcast Follows Time Warner in Offering 'Family' Programming Tier
December 23, 2005
"The demand for this type of tier is coming from the FCC and Christian conservatives. It has nothing to do with legitimate consumer demand," Todd Chanko, senior analyst at Jupiter Media, told the E-Commerce Times. 		High-Risk Flaw Found in Symantec's Software
December 22, 2005
"Part of the significance of this vulnerability announcement is that your machine can be exploited without you needing to do anything at all. You don't even have to open an e-mail or attachment, and this happens with the default configuration of the product," said Forrester Research senior analyst Michael Gavin.
Don't miss a story -- sign up for our FREE e-mail newsletters and view the latest headlines at a glance.
Tech News Flash [ View Sample ]
E-Commerce Minute [ View Sample ]
ECT News Network Weekly Newsletter [ View Sample ]
Shortcuts
> Get Business and Technology News Alerts
> Most Popular | Spotlight Features | Exclusives
> This Week on ECT News Network | Podcasts
> Online Retail Transaction Performance Indices
> Inside E-Commerce Times
E-Commerce Times
TechNewsWorld
CRM Buyer
LinuxInsider
MacNewsWorld
Today's E-Commerce Times Sponsors
Complimentary Webinar
How Much is 'Free' Costing You? DaveRamsey.com’s 567% ROI with Enterprise Analytics
Entrust Extended Validation SSL
Entrust EV SSL certificates -- "go green" for less. Now from only $199 per year.
Avaya Aura™
Save up to 40% on calling costs with Avaya Aura™
Trend Micro Smart Protection Network(TM)
Lower your content security management costs by up to 40%.
ECT News Network Information
Reader Services
Corporate
ECT News Network
Terms of Service | Privacy Policy | How To Advertise
Copyright 1998-2009 ECT News Network, Inc. All Rights Reserved.