Subscribe to the::unwired's RSS Feedthe::unwired at Twitterthe::unwired on Facebookthe::unwired on Google Plus
the::unwired Article
SECURITY: First Bluetooth worm for mobile phones became reality
Posted by Arne Hess - on Tuesday, 15.06.04 - 12:41:51 CET under 01 - General News - Viewed 6326x
Not Tagged

According to Symantec, we got it - the first worm, designed for mobile devices - this time for Nokia Series 60 phones. According to Symantec's Security Response, the worm copies itself to other Bluetooth devices in range:

EPOC.Cabir is a proof-of-concept worm that replicates on Nokia Series 60 phones. It repeatedly sends itself to the first Bluetooth-enabled device that it can find, regardless of the type of device (ie even a Bluetooth-enabled printer will be attacked if it is within range).

The worm spreads as a .SIS file, which is automatically installed into the "APPS" directory when the receiver accepts the transmission. Upon execution, it will display a message then copy itself to a directory that is not visible by default. The worm runs from this directory whenever the phone is rebooted, so it continues to work even if the files are deleted from the APPS directory.

Once the worm is running, it will constantly search for Bluetooth-enabled devices, and send itself to the first device that it finds. There is no payload, apart from the vastly shortened battery life caused by the constant scanning for Bluetooth-enabled devices.

So far the worm wasn't seen in reality but anyway - the "proof-of-concept" definition might be a good hint what we can expect in future. So far, I haven't heard about a similar worm for Windows Mobile Smartphones or Pocket PCs but I'm sure it's just a question of time also. :-(

Cheers ~ Arne

Related Links : [More Information]


 

Related Articles SECURITY First Bluetooth worm for mobile phones became reality

  • No related articles found.
Comments
Posted by DubWireless on 15.06.04 - 14:51:24

bad news :cry: - but unfortunately it was inevitable given the capabilities of more recent smartphone devices...

with the press this will get it looks like anti-virus tools for mobile devices will be looked at more closely now... i remember seeing an F-Secure demo of their anti-virus software for wireless devices once for Pocket PCs, looks like they also have a Symbian (Nokia) Series 80 app to... http://www.f-secure.com/wir...

the key point in this case which uses Bluetooth is to set your Bluetooth device to visible or discoverable *only* when necessary - and if you receive an unsolicited item, i.e. that you haven't arranged to be sent via Bluetooth then treat it with suspicion and the best course of action would be to delete it (especially if it is an application, don't open it just for a look!)

BrianG

Social Sharing
     
This Week's Top Stories
Feeds & More
Awards & More
Recent Discussions
© Copyright 1998 - 2013 by the::unwired® & Arne Hess
All rights reserved!
the::unwired is a registered trademark of Arne Hess.
All trademarks are owned by their respective companies.
All site video, graphic and text content is copyrighted to the respective party and may not be reproduced without express written consent.