Slashdot Mirror
New Virus Bombards Mobile Phones With Junk Calls
Wolfe writes: "We knew it was only a matter of time before something like this happened ... I can't wait until our lives and households are completly wired and some jerk sends a virus to my toaster or hacks the coffee machine." Similarly,
crovax writes: "A new virus that spams mobile phone users is out. Checkout the story here. This virus that has only been reported in Spain infects a computer then starts generating random mobile phone numbers." I'd hate to be on the Washington Beltway when this hits the D.C. area!
You don't seem to understand how viruses really run. It's not a matter of whether something can send mail or not, it's a matter of whether an incoming mail can have code in it that will cause the host to send mail without the user's permission.
Actually, the viruses afflicting Outlook can only run if the user chooses to run them. The problem is that no warning is given the user, and it's so easy to do.
Java, on the other hand, automatically denies any script, or any code downloaded from the network, the privileges to do anything remotely dangerous. If the applet or other piece of code requests permission to do so, the user is given a clear warning that it is dangerous to permit it. And practically speaking, it is actually quite a bother to even ask the user for these permissions-- Java's security model is almost too strict. In the long run, though, that's probably best.
I absolutely agree that its important to make the distinction between virus, worm, trojan, etc., it would cut down on confusion, and encourage more background understanding of computers in general.
/.'d the New England Journal of Medicine website tonight? It's up, but it's boggy as hell.
However, I think it's funny that you suggest "pathogens". In medical school, we had the same problem with distinctions that were generally important (bacteria, protozoa, viruses, worms, other parasites, etc.), but which could be cumbersome when speaking generically. 'Pathogen' wasn't always appropriate either (the same species can be a pathogen in one site, and normal flora in another).
Do you know what we call them, collectively, in the hospital? Bugs.
"Hmmm... Computer bugs?" No, that's already taken...
-------------------
All right, who's the wise guy who
If you can go to bed, knowing you did a valuable thing today, you're very lucky. If you can't... it's not bedtime
This story is already being reported on the BBC as "a virus that infects mobile phones". Well, what's next, infected fax machines and telephone answering systems? As soon as technology is published, someone is trying to crack and abuse it. This is an old story. To paraphrase Dilbert, the designer of any hackable technology has to pit his wits against the collective urges of millions of idle young minds.
The spate of email viruses is just, IMHO, a consequence of the Microsoft monoculture. Systems tend to evolve checks and balances, and computer viruses appear to play a fairly meaningful (if destructive) role in ensuring some kind of diversity.
So, roll on the first true mobile-phone viruses. I predict that the first mobile phones to run the-OS-formerly-known-as-Windows-CE will be the easiest targets. My voice-activated GSM already makes silent phone calls whenever a car drives past, unless I lock the keyboard. Expect many very expensive unwanted calls to numbers in third-world countries.
A computer virus can do unquantifiable damage to a system. Who can you sue? The long-distance calls made by a mobile-phone virus will be much easier to quantify. When the first major mobile phone virus wave hits, expect class-action lawsuits by the thousands of phone users affected. Ralph Nader, where are you?
My blog
...to clue politicians in.
I don't believe any politician is particularly affected by email spam: they typically have front-end staff that filter the mail.
I don't expect they have the same setup for their personal cellphone.
The *ONLY* way that the laws about spam will change is when spam starts hurting politicians. The anti-spam SIGs are just not glamourous enough to garner attention from the politicos.
Anti-spam SIGs that protest baby seal clubbing, maybe they'd get the attention...
--
--
Don't like it? Respond with words, not karma.
The Telefonica virus uses an http based message gateway. These are extremly common in europe, and most of them have "spam checking", e.g. will not send two identical messages within a given time. Search google for "free sms" to find these (usually ad-financed) services. Some of the more sophisticated gateways want username and password. The telefonica virus generates random (spanish) mobile phone numbers. (Here in Europe, Cellphones have distinct area codes. In Germany, e.g. 16x and 17x are used or reserved for cellphones) Walter
Absinthe makes the heart grow fonder
When you can have a script that actually sends you some usefull stuff on your cellphone ? Check out the script in my sig...
Anyway, this was bound to happen, with all the SMS gateways springing up everywhere. Does anybody know of global SMS gateway sites besides Quios ? I was trying yesterday night to get my slashsms.pl script to work with it, but they use a very clever method to spoof the location of their cgi for every session, and I didn't have the time to work around it.
superblog.org: all your favourite blogs on o
It was a month or so ago, when I received this SMS message on my mobile:
TELSTRA, OPTUS AND VODAFONE NOW SUPPORT INTER-NETWORK SMS MESSAGES. FORWARD THIS MESSAGE TO 15 PEOPLE AND YOU WILL GET $20 CREDIT ON YOUR NEXT BILL.
I didn't know whether to laugh or cry.
- Chuq
Java, on the other hand, automatically denies any script, or any code downloaded from the network, the privileges to do anything remotely dangerous. If the applet or other piece of code requests permission to do so, the user is given a clear warning that it is dangerous to permit it...
This is a problem waiting to happen. So users click on their friend's email attachment. The user is prompted
The end-user, knowing that they want to launch it, think this is silly, and just click "Permit"
Then the user is asked from some obscure signer for permission to access the file system, to access other programs, etcetera. A large enough number of users will think this a nuicense, and just click "Permit" until their attachment runs.
There has to be a better way. If perhaps we could pre-approve all local signing authorities, and refuse everybody's ability to "Permit"... but then one user who knows a little bit too much could spread a virus/trojan/worm through a cooporation like wildfire.
Maybe we should just give up, go back to the CLI and hand all our users manuals. It keeps the stupid people away.
Well, I don't normally bother responding to flamebait, but on this occasion...
I'm not totally dumb. In addition the corporate firewall I also run AtGuard (now part of Norton IIRC) which keeps an eye on any active content from the Web, and should also trap anything unauthorised that tries to send information back out. Also I don't run Internet Explorer, so the worst idiocies of ActiveX are not an issue for me.
On top of that we also have a clued in administrator (I am not an administrator, I just look after my desktop box) who keeps our virus checker up to date and does threat monitoring on the servers. ILOVEYOU didn't get in here.
Finally, I spent about six months trying to run with separate user and admin IDs, and believe me it just wasn't worth the hassle. There are so many little jobs, from defragging the hard drive to updating the IP configuration, that have to be done by an administrator. Its just too much trouble.
Sure, it would be better practice to keep separate IDs. But this brings me back to my original point: the fact that I can't do "su" or equivalent means that NT is less secure than it might be because human beings (I am one you know) have better things to do with their time than save all their work, log out, log in, wait for Outlook to fire up, wait for Netscape to fire up, do whatever is needed, repeat.
So, mister clueless pratt, what are you going to do now?
Paul.
You are lost in a twisty maze of little standards, all different.
No, messages can't just magically appear on your phone but they can appear quite easily. You could easily create a virus that spams cell phones, for instance:
AT&T uses "555-555-1234@mobile.att.net" where 555-555-1234 is the cell phone number and mobile.att.net is the email-2-mobile gateway. Most cell phones use their own exchange apart from the land line community phone exchanges. So, you store a few email-2-mobile gateway servers, store a few exchanges for each gateway and just spin through all viable numbers. Quite easy. This is sort of what the afforementioned virus does, just much simpler.
I would think there would be a simple way to get around this too, maybe some cell phone companies allready do this. Since the cell phone service providers are the ones that provide the cell-2-mobile gateway why not set up an access list for each cell phone. Usually, you don't use your cell phone as a main mail reader and composer, usually you get messsages from a certain group of people. If a person trying to email your phone isn't on the access list, the gateway could simply email them a response telling them so and to send the message again or approve it for it to trully go through.
I just hope that someone doesn't come up with a way to *voice* spam cell phones...
Geoff
"New Virus Bombards Mobile Phones With Junk Calls"
No, it bombards their cell phones with SMS (short for Short Message Service) messages, not phone calls. I wish slashdot article posters would pay more attention to what they are typing and read more carefully.
Geoff
This will be interesting as most cell phone pricing packages charge you for an email message received on your phone whether you want it or not. What will happen when they let through 300 messages from a worm cruising around and you get a $150 phone bill.
Spam from these sorts of viruses is irritating when you're on a flat rate internet connection, it's gonna be a serious issue when you pay per message.
Hotnutz.com - Funny
I hope the people involved in developing the "wired home" and associated technologies take note of this.
;)
I can imagine it. The Saturday Night Fever Virus. It triggers at about 11:00pm on a Saturday. All your lights start flashing on and off, your stereo starts playing a BeeGees track and your toaster burns some toast (for that authentic nightclub-smoke atmosphere).
Or even better... the ILoveYou@Home virus. Your bed starts vibrating, the lights dim, the stereo starts playing some romantic music, then it rings your neighbor and starts the same thing at their house!
"How much truth can advertising buy?" - iNsuRge - AK47
"How much truth can advertising buy?" - iNsuRge - AK47
THIS PAGE lets you send SMS messages to anyone you care to.
One wonders if they're harvesting spam-able phone numbers...
(hit Google and type "send sms message cell phone" and you'll get another few sites that let you do the same thing)
--
--
Don't like it? Respond with words, not karma.
Ask yourself this question: what exactly is 'scripting' ?? Scripting is the screen door in the back yard of your beloved computer. It's the 'nice' feature that does 'fun' things for you and your family. It's a way to execute instructions on your host without the rigors of software installation:
./configure
... this never happens with scripting. A couple of UI atoms, a click, a CR, and BAM! Something foreign is running on your computer. Maybe it's your own, maybe it belongs to your employer, maybe it's a gov't owned CRAY.. it doesn't matter, it's running.
less README
less INSTALL
(possibly) examine source code, Makefile, etc
make
make install
execute
I know, Perl is wonderful (VB much less so), the shell script venerable, and I use these tools all the time, but if you think about it, allowing this kind of execution in an untrusted environment is just inviting disaster.. eventually.
It will happen, mark my words, it will happen, even to the elite. A destructive trojan is only as far away as freshmeat and your root prompt. How many of us can say it will never happen to us? Do you trust FM implicitly? Do you read every line of script source before you execute it? If you do, then you are far better than I.
When the Windows world is tossed about like a reed by these virii, I do not laugh, I worry. It's only a matter of time before I take one for the team myself, and I know that.
--
Dave
MSNBC writes "a virus that infects mobile phones" - well, just plain wrong: No mobile phone can execute VBscripts. The virus infects ordinary PCs the same way the "I love you" virus did it, but just besides the ordinary stuff, it might also try to send a few SMS... But the phone doesn't get infected...
I hope Slashdot wont't publish such plain wrong stuff again! Just because it's written on msnbc doesn't mean it's true, mind you!
I have an alphanumeric pager that I keep for monitoring our servers and it is usually spammed about once a week. Don't ask me how they ever got ahold of my phonenumber/email address for this pager. I suspect that paging service provider is selling these numbers off for profit, but I could be wrong. However, it is rather annoying when my pager goes off and I just about have a heartattack thinking one our servers is down only to find out that it is nothing more than another advertisement . Not to mention that every page I get counts toward my monthly quotas and soon I will be charged to receive "spam".
Nathaniel P. Wilkerson
NPS Internet Solutions, LLC
www.npsis.com
Nathaniel P. Wilkerson
www.haidacarver.com
Some time ago, when a friend of mine had a cell phone and I didn't, I'd send him text messages via a web page helpfully provided by Fido (the company selling us the service).
This was very useful, but is trivially easy to spam via scripts. My friend even wrote such a script, to forward email from his account to his phone (before purchasing phone email service).
It would only take one or two knowledgeable people saying "hey, that's neat!" to do that here in Toronto, and I'm sure Fido isn't the only company set up this way.
That said, I will officially laugh my ass off if these phones are running Windows CE...
Dammit, my mom is not a Karma whore!
At the moment it targets one specific email-2-mobile gateway. Many gateways have opt-in stuff and passwords so that human spammers can't abuse the system. This virus is simply exploting an open gateway, like that nntp gateway demon used to run.
Melissa and the love bug got faxed to people through email-2-fax gatways (we one run at work, so I know what they're like). I have a few e-mail addresses for my mobile. This latest thing is an inevitable variation on an old theme. Nothing to see here, move along now.
(That said, if I'd received "I LOVE YOU" on my mobile I would have thought it funny enough to take a photo and post it somewhere on the web ;)
The first is a free service that just broadcasts the subject line. I can decide if I will allow it, disallow it or require a password in the subject line. I currently have it open and I forward a copy of all my email to it after hours.
The second charges me for messages, but will send the first 100 or so characters, subject and message body. It has a range of filters including a maximum number of messages per 24hours and a block/accept list. I can block specific address or only allow certain addresses. I have this one setup to allow all, but only 10 a day. It's currently not being used.
If it's important to you, you can filter out most of the crap, but I prefer to just turn the phone off when I'm asleep (or at the movies). I use pure SMS, so it's not like I'm going to catch a virus on my 8810. ("Smarter" phones may have exploitable holes, I don't know.)
Posted by serpens:
The articles say different things. It looks like another journalist wasn't listening to what was being said.
The Yahoo article:
They also said the attack is relatively benign, as it does not destroy computer files but merely delivers a message disparaging the Spanish telephone company Telefonica.
The MSNBC story:
The virus has a nasty payload, as well - it attempts to delete all files on the victim's hard drive and performs several other operations that makes restoration difficult.
Do journalists get anything right anymore???
serpens`
The idea of "everything being connected" has been around for some time. Quick things that come to mind are Sun's JINI (or Java for that matter), Microsoft's "Home", and the X.25 protocol.
/. keeps ranting about the evils of VBS, the same thing could be done in Perl, or any other unix scripting lang. One user has already talked about Fido in Toronto and it's web message interface, Clearnet has the same thing. How long before some script kidde hacks a shell account and starts bombing cell phone from there?
To quote from the article linked to:
The virus has a nasty payload, as well - it attempts to delete all files on the victim's hard drive and performs several other operations that makes restoration difficult.
So once again we have another VBS virus. But everyone on
Back to the "networked home". Heres where people start to go overboard. I don't want my toaster on the internet, but I *might* want it on my lan. Simple firewalls can stop someone from toasting bread all day long in your house while you are at work...
It's really sad to see that someone chose a virus to send their political message (the article has a copy of it if you want to read it). I'm all for political activism, but trashing someones HD will not get your point accross...
To fix this problem, the SMS protocal needs to have some sort of accountabilty factored into it. Right now, you can send a message to anyone from almost anywhere. If a block sender/approved senders list was added to the spec, users could chose the level of security they want (Do you want to allow all, and only block some, or so you want to block all, and only allow some?)
It will be awhile before we see the end of the VBS nightmare, but Linux users better watch out, it's been TOO LONG since someone released a virus that attacked some (yet) unknowen weakness in Linux/BSD.
That's just my $0.02 According to antivirus researchers Kaspersky Labs, the virus works only on Windows 98 or Windows 2000 computers on which the Windows Scripting Host (WSH) is installed.
Driven by 100% sarcasm - fueled by the need to be heard.
This flooding of messages is just like DDOS: it's impossible to tell a real request from a fake one all you can do is look for validation of headers and block heavy loads from multiple requests.
This reminds me alot of a nasty little prank.
Get the home phone number of someone you hate.
Find a bank of pager numbers.
Send random pages to various people at odd hours of the night with victim's phone number as the reply. (Some pager systems allow e-mail pages. This allows for AT or Cron jobs.)
Repeat as needed.
"Trademarks are the heraldry of the new feudalism."
The virus type, known as a worm, targets phones
This is just plain wrong; viruses are viruses and worms are worms and never the twain shall meet. What we need to do is start using a general word like "pathogens" to describe all communicable software nasties. If people then want to get specific and say what sort of pathogen it is, then that's fine, but to treat "viruses" as a category encompassing worms and trojan horses and the sort is absurd.
"If one is really a superior person, the fact is likely to leak out without too much assistance" -- John Andrew Holmes
Heck, all you really need to do is start posting messages to Usenet with a random @mobile.att.net (or similar) address each time and other people will spam the phones for you...
Over here in Australia, we don't need a virus rining an emergency number.. our emergency number is '000' - in a recent article, they mentioned that a significant (but not excessive) percentage of calls are from people with mobiles that keep bumping the '0' key. ;-)
-pf
Make affiliate bucks
This is scary. We could all be wiped out by a disease spread by a dirty telephone. I'm going to hire a telephone sanitizer right away.
134340: I am not a number. I am a free planet!