Slashdot Mirror
Worm Developed for Nokia Series-60 Phones
Tuxedo Jack writes "It had to happen. The first worm designed specifically for cellular phones has been developed, and Cabir appears to be a way of effectively killing Nokia Series-60 cellular phones via shortening the battery life due to scanning for nearby Bluetooth devices and propagating itself. This still relies on a user to open it, so hopefully that won't be many, and those that do must use a file manager to find and kill the worm. At least it isn't a dialer!"
It had to happen sooner or later, with people predicting the cell phone will be your next computer.
I guess Series 60 phone owners should be thankful that it just drains battery life. What if the worm sent 80,012 text messages to everyone in your contact list! Imagine the cell network congestion and billing chaos that would ensue... Lets hope cell phone manufacturers start tweaking their phone OSes to prevent that kind of disaster in the future!
Urge to post... fading... fading... RISING!... fading... fading... gone.
After searching Google news and other sources I could not find a similar story anywhere besides this similar story posted on ZDnet Australia. The only problem is that it was dated back 10 February 2004. Not sure if it's the same story... or same worm but worth a read for those that cannot get out to Symantec.
Hmmm.
I'd just like to say that this is why it's still nice to have a phone with relatively limited features - well, that and it's a Motorola (T720). I don't have to worry about the Bluetooth stuff, and I don't even have web access activated on it.
Also, according to the SARC article linked - this worm will attack any bluetooth device that it finds in it's range - not just phones - SARC uses a printer as an example, but what about those nice bluetooth mice/keyboards and PDAs, etc?
They have an image of the phone with the message displayed on it too.
Sure, the difference isn't that big a deal, but to most people, there isn't any real difference between Linux and Unix...
Obliteracy: Words with explosions
Bluetooth should be turned off out of the box. If an end-user is smart enough to know they want Bluetooth, they probably won't get hit with this attack.
"Here's a spoiler: You're will die alone."-Triumph the Insult Comic Dog
...better yet, a dialer that propagates itself and then sends out pre-recorded sales calls. This may sound crazy now, but will it sound crazy three years from now?
Don't be a looter...and yes, I know that it's spelled with an "A" instead of an "E".
Those who fail to learn from history, are condemned to repeat it.
Hate me!
Is a virus that spreads via phone to computer or vice versa possible?
This guy is way out there
I would love to see a simpler phone without features like Bluetooth. This would eliminate some of this out of the box. I may be in the minority, but all I need to do on my cell phone is make phone calls.
Don't be a looter...and yes, I know that it's spelled with an "A" instead of an "E".
``Oh look, Johnny sent me a new ring tone''
ZAP!
Until software companies will devote serious time to making sure their products aren't vulnerable like this, we will continue to see these types of monkey business.
You network anything, it will be used by for shady purposes by unscrupulous folk. Think about that for a minute.
So... This is the digital equivalent of an STD for 'toothers, right?
How did these 1-900 charges get on my phone bill?
I imagine that because of the cellphone frenzy there soon will be as much advertising (spam) in that medium as there is on the internet. Its just too big and too attractive a market to miss. And as cellphones get more and more features crammed into them - there will be viruses, worms, dialers. And they will be just as common.
Remind me to bring an infected phone to the movie theater every time I go.
So this is, like, the first real-world application of Bluetooth? A virus vector? You mean it's not just useless marketing hype-ware after all?!!! They are right, you learn something new every day!
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
I guess now the anti-virus software people now have themselves a new market to penetrate. I guess windows boxes were not enough to maintain their business model.
"I bow to no man" - Riddick
Damn just one more thing I have to purchase with my phone subscription. A monthly charge for cell phone virus definitions for my WAP NAV
Support Texas Troops use TXGoogle
That old crank-operated phone on my parents' wall is looking better and better.
"Who controls the past controls the future. Who controls the present controls the past." -- George Orwell
Unscrupulous types will drive around the suburbs with bluetooth transmitters on the top of honda civics and old hiaces, broadcasting viagra apps into our phones while we eat.
E-marketers will place transmitters everywhere, including bins, bus seats and on signs in the middle of the desert so our phones never stop telling us about products that improve our lives.
We will all begin to recieve mysterious bills for calls we made to a premium rate talking clock number while we were asleep.
Our phones will broadcast our every move and spoken word to marketing agencies, who will happily charge us for a map of the route we took to work that morning, or for telling how good our
eloqution is.
Bluetooth porn spam will being blaring out of everyones mobile the minute that slightly dazed looking yuppie walks into the room with his brand new phone that he uses for browsing on the net and email and chat and buying stuff and everything!!!
This situation(commencing next week) will continue without pause, until, faced with users mass binning their mobiles, symbian forcefully create their own virus to patch the phone on the fly as no-one , apart from geeks, will have bothered to delete the patch.
You doubt me!?! You doubt my powers of foresight?!!
So do I, but I'm sticking with my series 40 phone just in case.
May the Maths Be with you!
Most people buy bluetooth phones and don't know what to use it for, just that it's another thing they have. (I have a Bluetooth phone, but only because my Powerbook also has bluetooth and can sync wirelessly. Otherwise I keep it turned off.)
Most people really just want a phone that can hold contacts, get really great reception, and lasts a while between charges. (And, outside the US, send and recieve text messages easily.) Why not focus on these features? The same reason most car commercials are about performance and showing off instead of reliability and gas mileage; people are more convinced by flash than substance.
Repeat after me: Something that has a lot of functions doesn't do any of those things as well as a dedicated piece of equipment. (PCs are a special case; software isn't.) Just like the only unitasker in your kitchen should be a fire extinguisher, the only multitasker in your geek lair should be your PC.
I'm in the hole of the broadband donut.
In the symantec article (I could access it) it is suggested : "Turn off and remove unneeded services." I can't help laugh. Buy a blue-tooth enabled mobile phone, and turn off blue tooth stuff as soon as you have it out of the box... Or pay to have something removing the stuff you paid to get.
Hum... may I suggest not ot get such a mobile phone ?
By the way, turning off what I don't need, is something I do with my car, my house, my computer... That is why I have no viruses, no slow down, no whatever I don't want. It's a kind of brake-through: don't use what what you don't need, you'll have less problemes. Ho peoples, I am in great shape today !
That is the sound of inevitability...
-- -pjk Perry Kundert perry@kundert.ca http://kundert.2y.net
Do not answer calls from people you don't know. :D
Privacy is terrorism.
Have you tried your local Goodwill or Salvation Army?
Even garage sales have old phones...
This post is half-funny, and half-sad. Phones are getting more feature-packed every year. Where I work, I am not allowed to have any sort of camera, for security reasons. When all phones have camreas, no phones will be allowed in my office. Sad, but true.
"-1 Troll" is the apparently the same as "-1 I disagree with you."
Remind me when cybernetic implants come out, to not get one. The last thing I need is a worm infecting my cybernetic arm.
i still sit happily with my nokia 3210. IT makes phone calls, it texts. im not sure what else i need........
Really, this does not prove anything. It doesn't exploit any weakness in the system and very easy to avoid.
I am not sure how many of people who have posted before actually OWN series 60 device, but let me assure you that it's not as simple as accepting somebody's bluetooth transfer.
First of all, you must have bluetooth always on and your device available to all, which is really bad idea considering that it eats your battery much faster. Battery life of the series 60 devices is pretty small as is. Having bluetooth on is sure way to kill it further.
Second, you will have to go through few steps of actually INSTALLING unsigned application. This is VERY intrusive.
Third, this thing does not auto startup. So, when your device is drained off battery, it won't run by itself as far as I can see.
All in all, very poor attempt to create a malware for Series 60. I am sure you can get much higher propagation by installing an autoexec worm inside of S60 warez releases.
Other avenue to look into is malformed MMS message that does buffer overrun and allows to execute arbitrary code. Now this would be a real baddy because you will be infected as soon as you open a message.
Nice try, but no cake.
-- shortcut - the longest distance between two points.
It has to be assumed that any system open to the general public, can be expected to come under hostile attack from hackers/spammers/criminals/terrorists. All hardware and software deployed in the field needs to be examined carefully for this. It is even more critical when you have a "monoculture" of HW/SW, since one exploit compromises the whole system.
History has shown time and time again, hackers will expend a great deal of effort to compromise any accessible system even if just for the heck of it.
My rights don't need management.
It may be related to this morning's Akamai DNS problems. Many large sites aren't easily accessible at the moment.
Developers: We can use your help.
I have a T730 with Verizon and the phone isn't KISS at all, it's pretty complicated, capable of downloading and running software.
What bothers me is the *fake* simplicity and lockout. Why can't I just hook this phone to my PC with the USB cable and access the filesystem, transfering programs, ringtones, images and so on to the phone? With the phone software I can get some address book sync (it's such a shitty package, I regret buying it).
Of course, I know it's all about Verizon making money off of downloads, but its such bullshit selling a "closed" device with fake simplicity. Yes, I know I can get warez copies of Moto phone tools, but how much harder would it be to make the phone show up as a USB storage device? The addressbook as a CSV file? A directory each for tones and images?
we think we may have the very first blog worm this past weekend as well. after reports of a potential security exploit in LiveJournal, a small team went to work to create a "proof of concept" self-replicating javascript code designed specifically to post itself in a viewers journal.
More information can be found here
a basic example of self-generating javascript code can be found here
just code it like, right now.
it's possible.
however, for better results don't use bluetooth as the medium it transmits itself.. this now published 'worm'/trojan needs USER INTERACTION for it to spread so it is NOT REALLY EFFECTIVE. it's just shitload of hot air by some antivir companies at this point.
however, for faster spreading to idiots just put the virus online with names like "porno-game.sis" "latest-ngage-warez.sis" and alike. some suckers will download it anyways.
world was created 5 seconds before this post as it is.
Modern phones have infrared, right? So what if you combine the worm with this idea? >:)
EPOC.Cabir is a proof-of-concept worm that replicates on Nokia Series 60 phones.
Uh, talk about coding your way to job security?My cell is so old, it still has a monochromatic lcd screen.
Keep on adding gadgets, whistles, and bells onto your pda/cellphone/sattelite phone/pager/mp3 player/tooth brush/microwave oven. I'll be over here with my "archaic" cell phone, bulletproof and grinning.
"Aye sir, the more they overtake the plumbing, the easier it is to stop up the drain."
-- Scotty, Star Trek III
Dammit, and I was just starting to get the hang of Toothing
I mod down so you can mod up. Your welcome.
What legal recourse would there be?
Buy Steampunk Clothing Online!
i find this virus very interesting in that there is a need for physical proximity in order for the virus to propagate, similar to real-world viruses. in the future, will these type of virus infections be limited to certain geographical areas depending on the initial "ignition" point, or will the infection vectors be more like real-life virus outbreaks? (imaging starting an infection a new york subway versus smalltown, usa)
- Bluetooth has a 30 ft range.
- by shorting battery life users will be less likely to carry it to remote systems (a dead phone cannot transmit it).
- Bluetooth connections must be accepted.
- The file also must be accepted.
It is very similar to a virus being spread by email attachments. Most likely the only fix for this would be a stronger warning on the phone when a file is being passed from a Bluetooth connection.The grass is only greener, if you don't take care of your own lawn.
...but also other Symbain OS phones like Sony Ericsson P800/P900 and Motorola a920/a925.
if their competitor's OS was plagued with viruses and not theirs
:-)
yes but on a historical basis/precedent, it's not very likely, is it?
Perhaps we should not have sent away all the telephone sanitizers.
"Danke daß Du mich gemolken hast" said the German cow.
This is my original attempt to post this story, it got rejected, but now that someone else brought it up, I will post my version. Primarily because there are some cool links in it that should be seen:
Yesterday InfoWorld reported a new first for viruses. Believed to be the work of international group 29a, Cabir is the first worm to infect mobile phones! Cabir is a proof of concept worm infecting Symbian mobile phone operating system by Symbian Ltd, used by Nokia. Cabir does not include a malicious payload.
Don't get me wrong, being a security researcher I fully agree with the proposal to have devices that are secure out of the box. However, I doubt those devices could gain any market share against devices that are fun out of the box before any major disaster occured. Security, as well as vulnerability, tends to be invisible unless it gets in your way. The majority of the users of cellphones has no idea how vulnerable their devices are, and how it might affect them. What they are aware of are all the funny new features in their next-generation phone that shouldn't be there at all from a security point of view. In such a market, I guess, we will achieve security only after disaster.
http://erichsieht.wordpress.com/category/english/
I seem to recall that there was a rash of mobile malware in japan a couple years ago. Here's just one I found on a quick search on /.
no, seriously: if the phone is running WinCE, a VBS-Based Worm would have no problems moving from phones to computers and back. The platform-barrier would be gone.
The same could be said about java-based phones, but i doubt a java-worm ould be very successful, because of the low-level security build into the VM.
I have discovered a truly remarkable sig which this 120 chars is too small to contain.
What happens when the newest worm automatically dials 911. The system would be absolutely swamped, cops would be running around because when someone dials 911 and hangs up they still have to call, many people that actually had an emergency would never get through. It would be a serious disaster.
I'm a firm believer in the philosophy of a ruling class. Especially since I rule. -Randal, Clerks
could come from cell phones now. Or worse, your phone may start innocently distributing spam! Most of the blue tooth enabled phones have data services. I think a funnier worm would randomly dial people in your phonebook effectively letting friends and loved ones hear you bad mouth them.