Russian Mobile Phone Users Say Hello to Trojan

The spread of malicious software such as viruses and Trojans to cellphones, long feared, has become a reality. A recent Trojan usedRussian Web sites to spam mobile phones via short message service (SMS).

The spamming was not widespread, but it did highlight the increasedlikelihood that cell phones may suffer the same sort of attacks thatfrustrate PC users, including spam, viruses and scams, experts said.

Security vendor Sophos said in an advisory the Troj/Delf-HA Trojan horsedownloads instructions on spamming cell phones and then delivers the junksolicitations via SMS, which can cost users money at the very least.

“Cell phone spam can not only be a nuisance, but it can also cost thephone owner money,” said a statement from Sophos senior technologyconsultant Graham Cluley. “Now SMS spammers are taking a leaf out of thebook of e-mail spammers and using unprotected, innocent PCs to pass theirunwanted messages.”

Talk Turns to Trojan

Security experts have warned for a few years now that some of the maliciouscode that has plagued PC users may be aimed at cell phones as they becomemore widespread and more capable.

Ken Dunham, iDefense director of malicious code intelligence, toldTechNewsWorld that the capabilities and target audience for a mobile phone attackare limited because of the technology involved — less sophisticated than adesktop operating system and more varied in platform. However, Dunham saidthe increased sophistication of cell phones and personal digital assistants(PDAs) — which can now connect to the Internet for e-mail, messaging andgames — and their wider use is making the devices more of a target.

As cell phones, notebook computers and other mobiledevices are integrated for messaging and other services along with PCs, Dunham said,there is increased opportunity for attack.

Say Hello to Spam

Sophos said the recent Trojan sending junk SMS messages was using the mobilephone messaging capabilities of several Web sites of Russian mobile phonenetwork providers.

Sophos advised companies to protect their e-mail gateways with aconsolidated solution of antivirus and firewall to thwart the threats.

Cluley also said similar efforts in the past had involved SMS spamcampaigns that encouraged recipients to call a number and sign up for costlyservices, such as a chat line.

Dunham said he envisions an increasing amount of spam and other maliciousefforts, such as phishing enticements for personal information, to move tothe mobile phone platform.

He said that although the threat has been very slow to mature, Trojans,viruses, phishing and other frauds are also more likely for mobile phones asattackers attempt to gain status among spammers and virus writers.

“I think we’re going to see more of this in 2004 and 2005, just because[it] is an opportunity and people interested in reputation want to just seeif they can do it,” Dunham said.

Java Jeopardy?

This summer, mobile phone operators in Europe were warned that within ayear the heavy reliance on Java-powered cell phones and handhelds wouldmake the devices a likely target for attackers.

The concern was that the number of Java-powered devices was reaching apoint that attackers would look to exploit the programming language toattack mobile users.

However, defensive measures, such as the Messaging Anti-Abuse WorkingGroup (MAAWG), have been established to try and thwart such attacks throughtechnology and education.