‘CommWarrior’ unleashed!
March 19, 2005 | 12:00am
If you are fond of sending Multimedia Messaging Service (MMS) messages and receive lots of them yourself, your phone may be vulnerable to a virus attack. If your handset is Bluetooth-enabled, your risk is doubled.
Fortunately, the new phone virus that was detected last week by security firms, dubbed "CommWarrior," runs only on phones using the Symbian OS series 60 platform. No reports yet of the mobile malware creeping into other devices or platforms.
There is no reason though to sit back and relax. Just last month, Cabir, the world’s first mobile phone virus traveling via Bluetooth, caught mobile phone users in all corners of the globe by surprise, although it was first detected eight months earlier in June 2004.
In the age of information, it pays more than ever to be informed.
Though relatively harmless compared to computer viruses that are sweeping across the networked world, mobile phone viruses may be the next big headache in the tech community. According to estimates, there are currently 1.5 billion mobile phone users in the world and growing bigger by the day. This so-called "virgin territory" is proving too irresistible for virus authors that newer strains of viruses have been detected lately.
In a statement from Helsinki, Finland on March 8, security firm F-secure said indications of a new mobile virus spreading through MMS were hinted in a Serbian discussion group in January, which warned of a worm to be sent via MMS messages from infected Symbian OS phones.
As detected in its true form a week ago, CommWarrior, like Cabir, arrives on your cellphone as a commw.sis file. Once downloaded, it installs itself in the phone and quickly searches for other Bluetooth-enabled phones within range to infect. But it doesn’t stop there. It automatically sends MMS messages to the infected phone’s contact list and on the first hour of the 13th or 14th day of the month, it automatically resets the device.
This makes it more disruptive than Cabir since while Bluetooth exchange is cost-free, MMS is not. If your phone is hijacked by this worm, which is also called CommWarrior.A by Symantec, SymbOS/CommWarrior.a by McAfee, and SYMBOS_COMWAR.A by Trend Micro, you have to worry not only of fast battery drain but also of increased and unwanted billing (if you are on a postpaid plan) and rapid load drain (if you are using prepaid SIM). Worry, too, that the worm chooses up to 256 contact numbers from the device’s phonebook, according to Symantec.
CommWarrior-infected MMS messages usually carry very attractive headings such as "Norton AntiVirus Released now for mobile, install it!, "3DGame 3DGame from me. It is FREE!, "Free SEX! Free *SEX* software for you! or "WWW Cracker Helps to *CRACK* WWW sites like hotmail.com."
Heed the advice of security experts: never accept messages from unknown sources no matter how tempting, always keep your Bluetooth off and your phone’s visibility hidden when not in use, and avoid pairing your handset with another device.
Now that mobile phone viruses are getting their share of the limelight, it pays to know that while these threats started to appear only in the second half of 2004, they may be here to stay, judging from the speed with which they have mutated into more destructive forms.
In the tech underworld, as in life, the road to hell is paved with good intention, as the saying goes. The first two known mobile malware were not really created to wreak havoc on handsets but to "prove" that malicious codes for handsets can be written. A group of programmers, who called themselves 29a, reportedly developed the EPOC.Cabir virus for Symbian smartphones and WinCE.Dust for Pocket PC in June and July 2004, respectively.
These two, however, have opened the floodgates to other phone viruses.
A month after the launch of Wince.Dust, which rode on the Windows CE platform and came as an e-mail attachment, another worm was activated via pirated copies of Ojom Software’s game Mosquito. It turned out that the game’s developer itself created the virus to protect its creation from piracy. Lesson for the day: thou shall not download illegal copies of the game software on your handheld. It may be bundled with a virus.
Another virus that masquerades itself as a game was called METAL Gear.a. New Zealand security specialist SimWorks said a file named SEXXXY.sis is sent to any Bluetooth-enabled phone and once a user accepts it, it automatically disables the Symbian system in the handset. Users would very likely download the message as it masquerades itself as the Symbian version of Metal Gear Solid game.
Last November, some Symbian smartphone users reported to have found skull images on their phones, instead of icons in the phone’s applications. This was the skulls.a virus disabling the phone’s functions. Imagine yourself staring at your phone’s LCD screen and finding lots of images of human skulls and bones in place of your customized icons or wallpapers.
Fortunately though, mobile malware has not yet assaulted enterprises. But as PDA phones and other handhelds are now increasingly being issued by companies to their employees, it pays to adopt security policies that will protect the system from surprise attacks.
Fortunately, the new phone virus that was detected last week by security firms, dubbed "CommWarrior," runs only on phones using the Symbian OS series 60 platform. No reports yet of the mobile malware creeping into other devices or platforms.
There is no reason though to sit back and relax. Just last month, Cabir, the world’s first mobile phone virus traveling via Bluetooth, caught mobile phone users in all corners of the globe by surprise, although it was first detected eight months earlier in June 2004.
In the age of information, it pays more than ever to be informed.
Though relatively harmless compared to computer viruses that are sweeping across the networked world, mobile phone viruses may be the next big headache in the tech community. According to estimates, there are currently 1.5 billion mobile phone users in the world and growing bigger by the day. This so-called "virgin territory" is proving too irresistible for virus authors that newer strains of viruses have been detected lately.
In a statement from Helsinki, Finland on March 8, security firm F-secure said indications of a new mobile virus spreading through MMS were hinted in a Serbian discussion group in January, which warned of a worm to be sent via MMS messages from infected Symbian OS phones.
As detected in its true form a week ago, CommWarrior, like Cabir, arrives on your cellphone as a commw.sis file. Once downloaded, it installs itself in the phone and quickly searches for other Bluetooth-enabled phones within range to infect. But it doesn’t stop there. It automatically sends MMS messages to the infected phone’s contact list and on the first hour of the 13th or 14th day of the month, it automatically resets the device.
This makes it more disruptive than Cabir since while Bluetooth exchange is cost-free, MMS is not. If your phone is hijacked by this worm, which is also called CommWarrior.A by Symantec, SymbOS/CommWarrior.a by McAfee, and SYMBOS_COMWAR.A by Trend Micro, you have to worry not only of fast battery drain but also of increased and unwanted billing (if you are on a postpaid plan) and rapid load drain (if you are using prepaid SIM). Worry, too, that the worm chooses up to 256 contact numbers from the device’s phonebook, according to Symantec.
CommWarrior-infected MMS messages usually carry very attractive headings such as "Norton AntiVirus Released now for mobile, install it!, "3DGame 3DGame from me. It is FREE!, "Free SEX! Free *SEX* software for you! or "WWW Cracker Helps to *CRACK* WWW sites like hotmail.com."
Heed the advice of security experts: never accept messages from unknown sources no matter how tempting, always keep your Bluetooth off and your phone’s visibility hidden when not in use, and avoid pairing your handset with another device.
In the tech underworld, as in life, the road to hell is paved with good intention, as the saying goes. The first two known mobile malware were not really created to wreak havoc on handsets but to "prove" that malicious codes for handsets can be written. A group of programmers, who called themselves 29a, reportedly developed the EPOC.Cabir virus for Symbian smartphones and WinCE.Dust for Pocket PC in June and July 2004, respectively.
These two, however, have opened the floodgates to other phone viruses.
A month after the launch of Wince.Dust, which rode on the Windows CE platform and came as an e-mail attachment, another worm was activated via pirated copies of Ojom Software’s game Mosquito. It turned out that the game’s developer itself created the virus to protect its creation from piracy. Lesson for the day: thou shall not download illegal copies of the game software on your handheld. It may be bundled with a virus.
Another virus that masquerades itself as a game was called METAL Gear.a. New Zealand security specialist SimWorks said a file named SEXXXY.sis is sent to any Bluetooth-enabled phone and once a user accepts it, it automatically disables the Symbian system in the handset. Users would very likely download the message as it masquerades itself as the Symbian version of Metal Gear Solid game.
Last November, some Symbian smartphone users reported to have found skull images on their phones, instead of icons in the phone’s applications. This was the skulls.a virus disabling the phone’s functions. Imagine yourself staring at your phone’s LCD screen and finding lots of images of human skulls and bones in place of your customized icons or wallpapers.
Fortunately though, mobile malware has not yet assaulted enterprises. But as PDA phones and other handhelds are now increasingly being issued by companies to their employees, it pays to adopt security policies that will protect the system from surprise attacks.
BrandSpace Articles
<
>
- Latest
Latest
Latest
December 11, 2023 - 11:00am
December 11, 2023 - 11:00am
November 23, 2023 - 4:35pm
November 23, 2023 - 4:35pm
October 16, 2023 - 5:00pm
October 16, 2023 - 5:00pm
September 28, 2023 - 2:00pm
September 28, 2023 - 2:00pm
August 24, 2023 - 4:43pm
August 24, 2023 - 4:43pm
Recommended