An Internet security firm claims to have found the first worm in the wild for Symbian OS, and it spreads via Bluetooth.
Computer security firm Kaspersky Labs is reporting that it has detected the first worm program for Symbian OS, dubbed Cabir. So far, however, it doesn't appear to have a payload beyond spreading itself.
Cabir appears to be transmitted as a SIS file, the Symbian distributable file type. The file appears as "Caribe Security Manager" in the user's inbox and prompts the user to install it, like a trojan. Once they do, however, the worm penetrates the system and self-activates whenever the device is started. Cabir will then scan the nearby area for Bluetooth-using Symbian handsets and send a copy of itself to the first one it finds. So far, the worm does not appear to have any malicious payload other than replicating itself to other devices.
Kaspersky believes the worm to have been created by a virus writer pseudonym Vallez, commonly used by virus groups 29a. 29a has been credited with other proof-of-concept viruses before, such as the first macro virus (Cap), the first .NET virus (Donut), and the first virus for 64-bit Windows (Rugrat).
Although Kaspersky says that the worm could spread to other manufacturer's handsets, most malware is very platform-specific so contamination outside of Symbian OS handsets is extremely unlikely. That still leaves a dangerously large set of potential targets, as Symbian OS is very popular in Europe and used in a large number of Nokia handsets.
Kaspersky does not have any removal instructions for handsets infected by the worm. However, uninfected users can protect themselves by setting their handsets to not-Discoverable. That hides the phone from other Bluetooth-using devices not already paired with it, making it impossible for the worm to spread to it (unless the two phones have already been paired). Users should also not install programs asking to install from within their inbox, which is generally good safety advice for any computing device regardless of platform.
 |
|
|
|
|
_pt00.jpg)
_pt00.jpg)
_pt00.jpg)
_pt00.jpg)
|
Archive