And now a message

By Larry Seltzer  |  Posted 2005-03-07 Print this article Print

from Commwarrior..."> If anyone felt threatened by Cabir, they should be positively terrified of Commwarrior. I spoke with Victor Kouznetsov, Sr. VP Mobile Solutions for McAfee and he argues that Cabir was a proof-of-concept worm, not a real-world attempt to infect. Kouznetsov says that Commwarrior, on the other hand, is a real attempt to spread like real malware. It spreads both through Bluetooth and MMS (Multimedia Messaging Service). Like Cabir, it arrives as a program that the user has to launch.

More interestingly, it uses classic worm social engineering to try to trick the user into launching the attachment, including such enticing messages as "Free *SEX* software for you!" and "Security update #12. Significant security update. See".
Such messages have been used by Windows-based worms for years and I keep hearing that people fall for them, so I would assume that they might work on Nokia phone users. (According to F-Secures analysis of the worm it also contains the string "OTMOP03KAM HET!" which is Russian and translates roughly to "No to braindeads".

This is a real worm (or arguably a virus or Trojan horse), not the experiment that Cabir was. And yet it appears that this program has been out in wild since January, and it only showed up on the radar screens of the antivirus establishment this week, which makes you wonder: How virulent can it really be?

Check out eWEEK.coms for the latest news, reviews and analysis on mobile and wireless computing. I think the characteristics weve observed so far in worms such as these are not so much indicative of the immaturity of the mobile phone virus establishment as of inherent limitations in the mobile phone infrastructure for malware. Its hard to imagine an attack that will, for example, work on phones with different operating systems. As best as I can tell, there are a variety of platforms in place in this market and its possible that SymbianOS, the target for Cabir and Commwarrior, is more amenable to such development than the others. All of them have been around for years, so I would have expected proofs of concept on all of them by now.

If only real computing platforms had this as the cutting edge of security threats! If I were buying one of these fancy-schmancy mobile phones I wouldnt hesitate to buy a Nokia just because there are stupid attempts out there like this. Its just like a PC, you just have to pay attention and any threat that comes along will be obvious.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog. More from Larry Seltzer

Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel