And now a message
from Commwarrior..."> If anyone felt threatened by Cabir, they should be positively terrified of Commwarrior. I spoke with Victor Kouznetsov, Sr. VP Mobile Solutions for McAfee and he argues that Cabir was a proof-of-concept worm, not a real-world attempt to infect. Kouznetsov says that Commwarrior, on the other hand, is a real attempt to spread like real malware. It spreads both through Bluetooth and MMS (Multimedia Messaging Service). Like Cabir, it arrives as a program that the user has to launch.Such messages have been used by Windows-based worms for years and I keep hearing that people fall for them, so I would assume that they might work on Nokia phone users. (According to F-Secures analysis of the worm it also contains the string "OTMOP03KAM HET!" which is Russian and translates roughly to "No to braindeads". This is a real worm (or arguably a virus or Trojan horse), not the experiment that Cabir was. And yet it appears that this program has been out in wild since January, and it only showed up on the radar screens of the antivirus establishment this week, which makes you wonder: How virulent can it really be? Check out eWEEK.coms for the latest news, reviews and analysis on mobile and wireless computing. I think the characteristics weve observed so far in worms such as these are not so much indicative of the immaturity of the mobile phone virus establishment as of inherent limitations in the mobile phone infrastructure for malware. Its hard to imagine an attack that will, for example, work on phones with different operating systems. As best as I can tell, there are a variety of platforms in place in this market and its possible that SymbianOS, the target for Cabir and Commwarrior, is more amenable to such development than the others. All of them have been around for years, so I would have expected proofs of concept on all of them by now. If only real computing platforms had this as the cutting edge of security threats! If I were buying one of these fancy-schmancy mobile phones I wouldnt hesitate to buy a Nokia just because there are stupid attempts out there like this. Its just like a PC, you just have to pay attention and any threat that comes along will be obvious. Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
More from Larry Seltzer
More interestingly, it uses classic worm social engineering to try to trick the user into launching the attachment, including such enticing messages as "Free *SEX* software for you!" and "Security update #12. Significant security update. See www.symbian.com".