Worm Developed for Nokia Series-60 Phones

← Back to Stories (view on slashdot.org)

Worm Developed for Nokia Series-60 Phones

Posted by CmdrTaco on Tuesday June 15, 2004 @02:04AM from the reducing-cell-phone-calls-is-not-a-bad-thing dept.

Tuxedo Jack writes "It had to happen. The first worm designed specifically for cellular phones has been developed, and Cabir appears to be a way of effectively killing Nokia Series-60 cellular phones via shortening the battery life due to scanning for nearby Bluetooth devices and propagating itself. This still relies on a user to open it, so hopefully that won't be many, and those that do must use a file manager to find and kill the worm. At least it isn't a dialer!"

4 of 260 comments (clear)

Min score:

Reason:

Sort:

K.I.S.S. - simplicity is key by ack154 · 2004-06-15 02:05 · Score: 5, Informative

I'd just like to say that this is why it's still nice to have a phone with relatively limited features - well, that and it's a Motorola (T720). I don't have to worry about the Bluetooth stuff, and I don't even have web access activated on it.

Also, according to the SARC article linked - this worm will attack any bluetooth device that it finds in it's range - not just phones - SARC uses a printer as an example, but what about those nice bluetooth mice/keyboards and PDAs, etc?

They have an image of the phone with the message displayed on it too.
1. Re:K.I.S.S. - simplicity is key by boskone · 2004-06-15 02:14 · Score: 5, Informative
  
  umm, the t720 is a hugely complicated phone. It can browse the web, display pictures, play games. I would not classify it as "basic" even though newer phones do more.
  
  as an aside, does yours ever lock up so hard that you have to pop the battery out to reset it?
Re:Semantics by Tranzig · 2004-06-15 02:14 · Score: 5, Informative

Actually the difference between viruses and worms is that worms are standalone programs while viruses need to infect other executables to be effective.
what does it prove? by randomized · 2004-06-15 02:43 · Score: 5, Informative

Really, this does not prove anything. It doesn't exploit any weakness in the system and very easy to avoid.

I am not sure how many of people who have posted before actually OWN series 60 device, but let me assure you that it's not as simple as accepting somebody's bluetooth transfer.

First of all, you must have bluetooth always on and your device available to all, which is really bad idea considering that it eats your battery much faster. Battery life of the series 60 devices is pretty small as is. Having bluetooth on is sure way to kill it further.

Second, you will have to go through few steps of actually INSTALLING unsigned application. This is VERY intrusive.

Third, this thing does not auto startup. So, when your device is drained off battery, it won't run by itself as far as I can see.

All in all, very poor attempt to create a malware for Series 60. I am sure you can get much higher propagation by installing an autoexec worm inside of S60 warez releases.

Other avenue to look into is malformed MMS message that does buffer overrun and allows to execute arbitrary code. Now this would be a real baddy because you will be infected as soon as you open a message.

Nice try, but no cake.

--
-- shortcut - the longest distance between two points.