SECURITY

Mobile Phone Worm Inches Its Way to US

Print Version
E-Mail Article
Reprints

By Susan B. Shor
TechNewsWorld
Part of the ECT News Network
02/22/05 11:38 AM PT

"In the PC world, for example, some of the malware we're seeing can infect most or all of the vulnerable hosts in a matter of hours or minutes," said Ed Moyle of Security Curve. "In the phone world, it could take years to get to the same relative level of infection."


"Outgrowing Homegrown: Is your in-house billing system hampering your growth?" Register to attend this webinar from Vindicia, and learn how to use recurring billing as a strategic weapon to increase revenue and overcome a common pain point faced by fast growing online businesses.

The mobile phone worm Cabir has popped up in a Santa Monica, California, store window, its first known appearance in the U.S.

The news was greeted with a shrug by one analyst. "This worm's appearance in the wild is no surprise," Pete Lindstrom, research director at Spire Security, told TechNewsWorld. "After all, it was prophesied by the sacred texts of trade publications and antivirus vendors, and thus it happened. And it will happen again."

Eating Battery Power

The virus, which announces itself on mobile phones with the word "Caribe," was first discovered by an employee of security software provider Symantec (Nasdaq: SYMC) Latest News about Symantec. Cabir first appeared eight months ago in the Philippines and has since spread to 12 countries.

The malware sucks up battery power and blocks Bluetooth Latest News about Bluetooth connections. It was originally written as a proof-of-concept worm and sent only to security firms as a warning.

Cabir searches for the Bluetooth opening and sends a Symbian Latest News about Symbian Installation System to those phones. As with infected e-mail attachments, nothing will happen without user interaction. With Cabir, a user must accept the transmission and manually install it.

Only phones running Symbian OS with Series 60 software that have the Bluetooth wireless feature set to "discovery" mode are vulnerable to infection. The infected phones in Santa Monica were Nokia 6600 models.

Slow Spread

Because mobile phones use so many different operating systems, Cabir is unlikely to cause much damage.

"Unlike personal computers and the Internet, mobile phones and mobile phone networks are not generally open systems permitting unknown parties to introduce software," Ira Brodsky, president of Datacomm Research Latest News about Datacomm Research, told TechNewsWorld.

Ed Moyle of Security Curve concurred.

"I think the fact that it took eight months to get to the U.S. is a significant indicator of the infection rate that we're likely to see now that it's here," he told TechNewsWorld.

"In the PC world, for example, some of the malware we're seeing can infect most or all of the vulnerable hosts in a matter of hours or minutes," Moyle said. "In the phone world, it could take years to get to the same relative level of infection."

Narrow Focus

The overall problem of mobile device malware, however, is likely to get worse as virus writers find more sophisticated ways to spread the viruses and mobile operating systems become more standardized.

Earlier this month, IBM (NYSE: IBM) Latest News about IBM released its annual Global Business Security Index Report and named malware and spam attacks on mobile devices as a growing threat.

"Yes it is likely to get worse. People must care a lot more and be willing to pay for security. Or not, and learn to live with this type of thing," Lindstrom said.

Social Networking Toolbox:
Talkback: Be the first to comment on this story.

Print Version E-Mail Article Reprints More by Susan B. Shor   RSS

Related Resources

Don't miss a story -- sign up for our FREE e-mail newsletters and view the latest headlines at a glance.
Tech News Flash [ View Sample ]
E-Commerce Minute [ View Sample ]
ECT News Network Weekly Newsletter [ View Sample ]