Slashdot Mirror
First Destructive Mobile Phone Virus In The Wild
gbjbaanb writes "eek! the BBC is reporting the first mobile phone virus that causes damage is out and about. The virus only works with the Symbian Series 60's OS (no, not the Smartphone) and spreads through an adapted copy of the legitimate Mosquitos game.
Once installed, a hidden program sends SMS texts to premium rate numbers.
That's not so bad, no doubt the premium rate numbers will be switched off soon but the worst is yet to come - "typically we see them in the wild then copycat ones come along soon after," said Sal Viveros, director of wireless security at McAfee."
"typically we see them in the wild then copycat ones come along soon after," said Sal Viveros, director of wireless security at McAfee."
he means after they are done writing and releasing the viruses, of course.
Yet another reason I'm glad I have my cell phone that ... OH YEA! Just makes calls. Who'd have thunk it?
Who doesn't like free music?
"Once we are in the 3G world, we basically have a broadband connection, so phones will be closer to PCs in terms of functionality.
"Having that connectivity historically leads to the spread of viruses."
Once more and more devices run the same OS/software and more and more people are using that same OS/software more and more viruses will be written for it. Bandwith has little to do with it.
SMS' to "premium numbers" are annoying and don't require massive mobile bandwith to work.
According to The Register, the malware was built into Mosquitos to begin with as a copy protection mechanism. I don't know whether to believe it or not -- if it's true, it's a really clever way of recouping development costs, and puts a new twist on "software that calls home".
Of course, worm writers will still catch on quickly anyway, I'll bet.
Get the full shimmy here.
First, its not a virus since it cant spread on its own. Its a trojan if its anything. Second, since this only effects people who steal software, why should i care?
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
The Register already dug into the details. The premium-rate calls were not added by a virus or by warez monkeys, but were in the original game as a way to monitor who copied it.
This is more a user intelligence program than a true threat to the symbian 60 series. If it propogated to all the numbers in a phone book (via SMS for example) then it would be something worth worrying about.
Maybe it's the leading edge of a whole, new category of consumer devices! The single purpose device that only does one thing, but does it well!
Best Slashdot Co
From the article:
The company that made the original legitimate Mosquito game, Ojom, said it had installed the program itself in earlier versions of the game after concerns over piracy.
It was intended that the program secretly send a SMS message to alert them if an unlicensed copy was being used, according to Mr Hypponen.
Watch the Teaser Trailer for "The Lightning Thief" Her
This is not a virus. It doesn't spread itself. It's simply a trojan that you have to manually download and install by bypassing two security warnings after first having found it on an irreputable site or P2P network. Hardly a threat.
:)
I'm also not sure it deserves to to be called destructive either. It doesn't destruct anything or in any way modify any other services on your phone - it simply sends SMS messages. It would be better classed as "expensive"
... a phone needs to be just a bloody phone.
1. It was not a virus. A pirated version of a game included malware that SMS'd a phone number without the users permission.
2. The malware was not added by the people who pirated the game. Interestingly, it was an intended feature of the game, included by the company.
3. The original intent of the malware was to secretly "phone home" when a pirated version of the game was being played. Because of complaints, they removed this "feature" from later versions. The pirated version was old, and still includes the "feature".
What I find interesting is that they included such a "feature" to begin with.
This virus causes 1-900 numbers to be dialed and connected for more than 1 minute (sometimes as long as 2 minutes).
Mosquitos smartphone 'Trojan' there by design By John Leyden Published Wednesday 11th August 2004 13:31GMT The Mosquitos Symbian dialler Trojan is not really a Trojan horse after all.
Many news outlets, including ourselves, reported that a trojanised version of Mosquitos game for Symbian Series 60 smartphones was circulating online and across P2P networks. Cracked versions of the game secretly sends SMS messages to premium rate numbers, according to reports on various online forums.
Illegal copies of the game display the following message on start-up: This version has been cracked by SODDOM BIN LOADER No rights reserved. Pirate copies are illegal and offenders will have lotz of phun!!!
Yesterday Symbian put out a statement which contributed to the impression that malign code was inserted into 'cracked' versions of the game by members of the computer underground. However it turns out that the hidden SMS functionality, along with a message written in the best vernacular VXer speak, was put in the game from the beginning by the original games publisher Ojom.
In an advisory, AV firm F-Secure explains: This functionality was intended to be a copy-protecting technique - it didn't work as planned and the whole functionality backfired.
The premium rate contracts for the phone numbers have been terminated, so although old versions of the game still send hidden SMS messages, it only costs the nominal fee of sending the message itself. Current versions of this game no longer have this hidden functionality, but 'cracked' versions of Mosquitos still float in P2P network - and they still send these messages, it adds.
So what appeared to be a Trojan is actually a rather sneaky and somewhat ineffective copy-protection technique. Proof that even if something looks like a duck, talks like a duck and walks like a duck it isn't necessarily Anas platyrhynchos.
Although the Mosquitos saga turns out to be an urban myth, the recent discovery of the first malware capable of infecting smartphones shatters the comforting belief the mobile phones are safe from viral infection. The threat is very low at present but shouldn't be completely discounted. ®
Do not meddle in the affairs of geeks for they are subtle and quick to anger
Nowhere in the article is that term used. And the description of the virus doesn't sound like it causes "damage" at all. The submitter's info leads one to believe the phones are made unusable.
:)
Editors, please edit before posting these stories.
"People" using "unnecessary" quotes should be "shot".
As much of a technophile as I am, I'm starting to see a disturbing trend in technology...nifty new technology that's supposed to make your life more convenient (TiVO, VoIP, multi-function cell phones) almost always end up having problems, and end up creating a lot of stress and headache (although whether this negates the device's 'usefulness' is debatable, obviously). We've had telephones for quite a while now, same thing with cars, TV, etc, but all of a sudden there are troubleshooting prodecures for everything.
I don't want to live in a world where I have to download patches and updates for my phone, TV, cell phone, alarmclock, bathroom scale, toaster, fridge, etc, every other week, or worry about them charging me money or disclosing private information. Some things work just great already and don't need all sorts of crazy upgrading, networking, or convergence. If you had a portable game thingy (not connected to any network) to play 'Mosquitoes', you wouldn't have to worry about this!
With the first link, the chain is forged.
Does allowing an application to send a text message strike people as being a pretty bad design decision?
Phone applications/games should not be able to access any function that might cost the user money. Or if they do, then the OS itself should intercept and ask the user if they wish to allow the application to send the SMS / phone call / data call. "PsychoSolitaire wishes to send a message to +XX.YYYYYYYYY. This will cost £x. Yes/No/Never"
That is just sensible and obvious design.
Slashdot:
"First Destructive Mobile Phone Virus In The Wild"
"...a hidden program sends SMS texts to premium rate numbers."
Article:
"...text messages will still be sent, although not at premium rates."
"Mosquito's Trojan does not do any other damage..."
Does anyone verify that the slashdot article actually represents the real article?
How about the malicious code writer that actually caused your problem. I agree that good OS software should be implimented no matter what device it is running, but let's not let the REAL cuprit slide on this one.
Your mammas flamebait.
I'm sure most Sybians already have viruses :)
The submitter DID NOT read the article AT ALL, and apparenty neither did the editors.
First of all, it specifically says that the phone DOES NOT text premium numbers. The problem is NOT a virus; it's not even really a trojan. It's a feature that "calls home" in case it's an unlicensed copy. Not only that, the feature was removed in later versions; the cracked version was older. They got what they deserved.
Karma: Segmentation fault (tried to dereference a null post)
I'm still using my telegraph.
Clickity-click-click!
How droll. As a former AV employee, I wonder just how the hell you are supposed to run AV on something meant for phone calls? This stupidity will never end. Next,, you will need that really cool 3D screen and a better graphics card, and then a patch for that virus, and then a controller, and a patch for that virus....
Just yesterday I saw an article that said Open Source wasn't ready for Antivirus software. Well - duh! It isn't all that necessary - yet. Most viruses are ineffective on Linux/Unix/BSD/OS/X because of FHS standards, rights and permissions.
Cell phones that play games are about as useful as the teats on a boar hog (and that is a colloquialism). It's the same old game - sell them a useless but "neat" feature that violates sensible security and then sell them a patch to correct that stupidity that they have to buy and buy and buy.
If you spend your money that way - it's your choice really, now isn't it?
All Ad hominem replies happily ignored as the sender shall be deemed to lack the faculties to comprehend the equation.
You can't sue anybody. This is a trojan inside a pirated game. The only way it spreads is for you to deliberately install it. There's no way to differentiate it from a piece of legitimate software that sends text messages.
All I want is a secure system where it's easy to do anything I want. Is that too much to ask ~~ Randall Munroe
Well, either the original article was changed or the article poster didn't really read the article to being with. :( In either case, that's kinda sad.
Though I'd thought that the crackers would have spotted their cracked software doing something unintended...
Interesteding historical tidbit... the Pakistani Brain virus was written with a similar anti-piracy intent in mind. Though that was a virus and spread destructively. This is just a trojan which is annoying.
If a writer really wanted to be destructive, they would have overwritten the Symbian OS boot code and firmware loading codes and executed a phone reboot. (nevermind the sim card and access to other data cards inserted into the phone)
Kinda makes me reconsider getting a more powerful phone... :(
Winged Power Photography
I advise you to turn off automatic MMS download if you have not already done so.
Orange sends crap to your phone such as trailers for Catwoman.
The "do not download if bigger than x kb" defaults to 100k but Orange will send 99.9Kb files to bypass this.
Once again the best thing is to deactivate automatic downloads of messages.
They should never allow user software to access the dialing functions. Maybe there needs to be a user/OS partition in the phone so that untrusted software has to run in a small sandbox. The last thing we need is some malware disguised as a cute toy DOSing 911 numbers on a specific day.
It would be simple to have a popup dialog that would ask the user if they want to allow the app to dial a number.
Guru Meditation #6d416769.21610a21
The thing is the victim is not the one spreading the trojan. Receivers of SMS are those that pay for it. The Trojan is inside the sender's phone.
A good feature for Symbian OS would be a sort of "mobile firewall" for user-installed applications, that notifies you before allowing random programs to do things like place calls, send messages or connect to the net (things that cost you money). If the program you're using is legitimate and you're aware of this, a simple OK would authorize the program to do that particular action (say, send an SMS). If the user said no, then the program's request would fail at the API level, no harm done.
It would prevent this sort of unfortunate situation from happening, because, who knows, the next piece of malware like this might install itsself to run all the time and pump out calls or messages, disable uninstallation or wreak any other sort of havoc.
Of course, in the end it all boils down to the end user's stupidity in installing and running untrusted programs, but a safety measure like this would be a good "last chance" before any actual monetary damage is done.
How history repeats. The Pakistani Brain is said to be the first virus 'in the wild' and it is a true virus. Another form of illegal copy protection was tried by a rather respected engineering software company. If you forgot the dongle, the whole LAN (except for the Unix machines) slowed down to a snail's pace. The solution was to re-install Windows95. Even for a small company this was very expensive. The vendor offered a non-protected version to make up for this. They hopefully removed what was probably the first true Windows virus. (True viruses are _extremely_ rare.)
Is there any question who to sue? Any use of malware for copy protection is unjustified and clearly in violation of the law in most places. This kind of crap has been tried before and it never benefits anyone.
Of course all fingers will be pointing at the authors, and even though they are assholes, the real problem is not in this 'virus' its in the the phone or the OS - it simply should not be letting add-on software have access to the sms functions! its just like the whole outlook crap. Lets say you give your plane passengers a network they can plug their laptops into to use the net, you dont then connect that network to the planes' own bloody computers and let anyone have access to the "flying the plane" functionaliy, its just stupid and if you did that and someone plugged in their laptop and said "hey look at this, i think ill fly this plane and crash it" as much of an asshole as they are it would still be your fault. This sort of stupidity has to stop - sue the people responsible.
This comment does not represent the views or opinions of the user.
I'm well aware of the needed synergy between subscriber equipment and network infrastructure. As another poster mentioned, features like cameras and SMS drive up the traffic to the $$$ benefit of the carriers, so that much makes perfect sense as to why such features are developed.
What makes no sense is that if the network coverage is suffering from what it could be, I can't take full advantage of these premium services. I can't send you a picture of my--uh, me if I get a weak or non-existent signal.
Has anyone noticed that newer phones are shaped as pure rectangles? Remember the phones like my ancient, antiquated Nokia 6160 that had a little stub of an antenna sticking out the top? It has better range because of it, but it's not "kewl" so the marketers don't want it. (This came direct from a marketing VP at a major U.S. carrier.) So you drop calls more often so that your phone can look cool. Gee, thanks for that feature!
This same major carrier even ordered the manufacturer to develop a much more cumbersome keypad layout because they didn't want their phone to look too much like a competitor's model, even though the guts are identical. So now you have to contort your fingers to dial rather than dialing by feel because--ta da--a marketing geek decided what you need, rather than asking you. Back to square one, above.
There are other issues impacting the basic handling of calls, such as layoffs and cutbacks in the performance departments of some of the major carriers, as well as some clueless upper managers, that prevent them from ensuring better network performance. That much is beyond the reach of equipment vendors, but both sides suffer when either does not maximize its potential performance.
These computer-like features that will ultimately be used for malware unbeknownst to the user do not improve the phone's performance for me, the forgotten user.
slashdot: A failed experiment.