First Trojan for Windows CE Released

← Back to Stories (view on slashdot.org)

First Trojan for Windows CE Released

Posted by CowboyNeal on Thursday August 5, 2004 @11:53PM from the handheld-infestation dept.

Tuxedo Jack writes "Symantec and The Register are reporting that the first Windows CE trojan horse, known as Brador, has been mailed to Trend Micro. This cannot spread on its own; it must be mailed or transmitted, then opened. Once opened, it opens a TCP port, allowing the remote-controller to connect and establish control over it. As expected, this will most likely be used to make new botnets, and it leads me to wonder: will we soon need firewalls for Windows Embedded?"

5 of 213 comments (clear)

Min score:

Reason:

Sort:

Only a matter of time I guess... by pillageplunder · 2004-08-05 23:55 · Score: 4, Interesting

Interesting point that it cannot spread on its own. It appears to be following similar paths to viruses for other OS...start simple, move up in complexity and sneakiness.
Greaaaaaat.

--
"Work is the curse of the drinking class" Oscar Wilde
1. Re:Only a matter of time I guess... by Lumpy · 2004-08-06 00:55 · Score: 5, Interesting
  
  not really.
  
  The first viruses I saw back in the 80's were 20 times more elegant and amazing. they would actually attach to other programs, chaing the first byte of the software to jump to the end of the program, execute the virus, then run the program. Many would even convince the DOS dir command to lie to the user and show the same filesize as the normal program... even though a user would not really notice the file size change cince many of these viruses were smaller than 1K some less than 500 bytes.
  
  today we really dont have many viruses but simply mal-ware.... although there are some real viruses out there.
  
  granted adding network capabilities to a virus is harder, but a simple local filesystem spreader can jump network mounted drives because the OS is happy to make it easy for the program.
  
  --
  Do not look at laser with remaining good eye.
Its about time! by Anonymous Coward · 2004-08-05 23:56 · Score: 4, Interesting

Can you get virus/wormprotection for CE already at all?
diebold. by Neophytus · 2004-08-06 00:06 · Score: 4, Interesting

IIRC everybody's favorite e-voting company Diebold uses CE for their voting machines. I wouldn't be surprised if they used it for their ATMs too. There's a pretty big market to be hit if you can get a worm onto either of those private networks.
My Firewall IS running Windows CE by Air-conditioned+cowh · 2004-08-06 00:41 · Score: 4, Interesting

I just got a Belkin 54g ADSL router and have been dismayed by it's annoying habbit of not syncing for hours at a time then deciding to work again. Another ADSL modem works all the time.

I discovered that the admin interface called up a file with a .exe suffix. Oh oh. That means that the box itself is running some kind of MS software. This probably explains why it behaves in such a flakey manner generally.

I wonder how long it will be before these so-called firewall boxes are turned into zombies.

Now Windows is worming its way into more and more embedded appliances people are just having to get used to a lower and lower standard of reliability from devices that never used to crash or get viruses, such as ATM machines, firewall/routers, mobile phones etc.

I hope consumers and embedded developers become aware of this and stop the rot.