Slashdot Mirror

← Back to Stories (view on slashdot.org)

First Trojan for Windows CE Released

Posted by CowboyNeal on from the handheld-infestation dept.

Tuxedo Jack writes "Symantec and The Register are reporting that the first Windows CE trojan horse, known as Brador, has been mailed to Trend Micro. This cannot spread on its own; it must be mailed or transmitted, then opened. Once opened, it opens a TCP port, allowing the remote-controller to connect and establish control over it. As expected, this will most likely be used to make new botnets, and it leads me to wonder: will we soon need firewalls for Windows Embedded?"

8 of 213 comments (clear)

  1. Re:i find it interesting by SenseiLeNoir · · Score: 2, Informative

    that was a concept worm.. not a real worm, please do not do a SCO and make something seem different to what it really is.

    Secondly it uses the standard Bluetooth file transfer mechanism, and does not exploit any vulnerability. The symbian (certainly on my p800) system will recieve a file ONLY if it is paired to the phone, otherwise you get a message specifically asking if you wish to recieve it.

    Once recieved, you have ot open the warn, read about two or three warnings, telling exactly what is happening before you even get to the point of installign the application. Finally the application needs to be physically started.

    Finally being a 10meter range on bluetooth, guess what the biggest limiting factor is!

    I know users can be stupid, but this one woudl most probably remain a concept, nothing more

    --
    Have a nice day!
  2. Re:Its about time! by anno1602 · · Score: 2, Informative

    RTFA. The link that has details to the Virus has update instructions for Symantec AntiVirus for Handhelds (TM). So, in a word: Yes.

  3. Re:Its about time! by SpinyManiac · · Score: 2, Informative

    And Trend.

    --
    It's never too late to have a happy childhood.
  4. Re:Of course we're going to need firewalls... by thpdg · · Score: 4, Informative

    Don't forget that with Windows CE, when you do a hard reset, it's like formatting a hard drive. Any updates you have on, will be erased and need to reinstalled. For some users, that would need to happen pretty regularly.
    It's because of this, that most Windows CE updates are in the form of ROM updates, and these don't usually make it to consumers, and when they do, are a pain to install.
    There are ways around it, but Microsoft isn't showing any effort, perhaps now they will. Everytime I reset, I have to install the updates for Pocket MSN and Pocket IE from flash card again.

    --

    -Patrick

    "They never stop thinking about new ways to harm our country and our people, and neither do we."

  5. Re:Marketshare isn't an issue either with this by fiftyvolts · · Score: 4, Informative

    I'm a Mac user, perhaps even a ac zealot, but I'll admit that there are security issues with OS X. First of all no matter what OS you run someone can make a Trojan horse. It's quite easy to write a program that just zaps all your files or something. If you can convince someone to run your code, no matter how many warnings the OS throws up, then you've pretty much got them by the balls so to speak.

    In addition there was on quite scary vulnerability with macs. As you may know when you double click an Icon OS X helpfully tries to figure out how to "do what you mean." It is possible to hide executable code in the data tags on a mp3 that OS X will (helpfully?) run when it is double clicked. If you play it through iTunes it will seem like a regular mp3, but opening it could run malicious code

    I am still of the opinion that windows is swiss cheese when it comes to wholes, but no operating system is immune to duplicity

    --
    100% Crunchier
  6. Re:Marketshare isn't an issue either with this by mst76 · · Score: 4, Informative

    Except that this isn't a virus or a worm, it's a trojan. Trojans are trivial to make for any OS that can execute applications. You can probably come up with your own OSX trojan in 30 seconds.

  7. Re:Of course we're going to need firewalls... by RevAaron · · Score: 4, Informative

    Good point, if WinCE based machines operate in a network manner the same as desktop Windows. Are they in any way comparable? If you somehow had a desktop running WinCE, would it be comparable to say, a Win XP machine with its networking?

    Short answer: yes.

    Long answer: Pretty much. CE doesn't have the services with ports open that regular Windows does, but otherwise the networking system is very similar in its capabilities. When it's on it's always on. CE is a lot like regular NT/XP in a lot of ways in its capabilities, though it was done from scratch, which benefits it a lot. It has a substantial subset (think Carbon from Mac OS Toolbox) of the Win32 API found in XP.

    --

    Working toward a usable PDA environment in the spirit of Newton OS: Dynapad
  8. Re:Only a matter of time I guess... by bsmoor01 · · Score: 2, Informative

    NTFS