Slashdot Mirror

← Back to Stories (view on slashdot.org)

Proof of Concept PocketPC Virus Created

Posted by Hemos on from the only-a-matter-of-time dept.

SpooForBrains writes "The Register has reported that "Ratter" of the virus writing group 29A has created the world's first PocketPC virus as a proof of concept. This one has no payload and is polite enough to ask if it can spread, so the dangers are minimal, but it occurs that the possibility of PocketPC and Symbian virii suddenly makes the concept of bluejacking somewhat more sinister."

10 of 152 comments (clear)

  1. bluejacking by mpost4 · · Score: 2, Informative

    The user to my understanding still has to accept the incomming file. so just make it a polocy (like email) don't open a file unless you are expecting it. Better yet turn of bluetooth discoverbility.

  2. Re:How many times? by Anonymous Coward · · Score: 4, Informative

    How many times does it need to be said that no one realy cares?

  3. Re:No danger yet. by mischalla · · Score: 2, Informative

    Quote from the article: "...The same group created a virus capable of infecting mobile phones running the Symbian OS, called Cabir, in June. Cabir - like Duts - was a proof-of-concept exercise..."

  4. Re:Bluetooth viruses... by S3D · · Score: 2, Informative

    So called "Nokia virus" was a more a sham then a real threat. To spread it would require three time answer "yes" on different security warnings: "Recieve message via Bluetooth...?" Yes "Install Caribe ?" Yes "Application is not signed , identity can not be veryfied install on your own risk..." Yes. There is no way to bypass thouse messages.
    It would be interesting if the affected Bluetooth-enabled Nokia phones mentioned in a previous article a few weeks ago were somehow able to transfer their goods to PocketPCs No it's not possible, Symbian and PocetPC are not binary compatible.

  5. Mr Billy G is NOT a Sir by NeonSpirit · · Score: 3, Informative

    I know it's being predantic, but Bill G has an honorary knighthood. Only citizens of countries which reconise the queen as head of state can have full or substantive awards.

    The rules are explained a little better here

    --
    I will not be pushed, filed, stamped, indexed, briefed, debriefed or numbered.....my life is my own.
  6. Re:I'm surprised we haven't seen Palm viruses. by brandorf · · Score: 2, Informative

    There already are PalmOS viruses. See here for an example. The key difference is that PalmOS has had only recently gotten any sort of wireless connectivity. So these virus all spread via human intraction (i.e. Hotsync of an infected file, or IR beam of an infected file).

    Give it time and there will be ones that spread via bluetooth or WiFi.

    --


    Bork Bork Bork!!
  7. Not phones, not big news (but here's a link anway) by LondonLawyer · · Score: 2, Informative

    Unless there is a flaw on the implementation of the phone can this kind of virus really spreads?

    It's not a phone virus, it's a Pocket PC virus.

    From the article:

    The first computer virus to infect handheld devices running Microsoft's PocketPC OS was discovered over the weekend... Cabir - like Duts - was a proof-of-concept exercise. In both instances, 29A sent its malicious code straight to anti-virus firms.

    To my mind, the word "discovered" doesn't really apply here.

    Previous attempts have been made to monkey around with handhelds. Google is now overflowing with this latest 'news' but I am pretty sure this is not a first. Palms have had their IR connections compromised. Pocket PCs were never going to be bulletproof in the first place.

    This threat assessment might be useful to someone.

  8. Re:E-Darwin by Anonymous Coward · · Score: 1, Informative

    and with security issues and an expanded user base you are bound to get viruses running around,

    You know I keep hearing this..."The only reason that Linux doesn't have as many exploits ...bla bla bla It does not work that way. If that were true shouldn't the worlds most common web server (Apache) have the most vulnerabilities?

  9. Do not use virii by robnauta · · Score: 3, Informative

    The word 'virii' never existed in Latin. The plural for 'virus' can be 'viri', but since the plural of 'vir' is also 'viri' even the old Romans avoided 'viri' as plural for 'virus'. Ending a word with 'ii' is not Latin, it's not common in any language. It's as obnoxious as writing Micro$oft.

  10. Re:E-Darwin by linuxci · · Score: 2, Informative

    Don't kid yourself. This was very much an error in the Mozilla team's way of thinking. The insecure interface that Windows had, never should have been exposed to the Internet.

    Wrong! It was a protocol, and the way an application is meant to handle unknown protocol schemes is to pass them to windows. That's why mms:// links open media player under windows.

    Therefore it was upto Microsoft to ensure any protocol accessible to applications was safe to use on the internet. Why else would it have been implemented as a protocol handler?