Slashdot Mirror

← Back to Stories (view on slashdot.org)

First Symbian OS virus to replicate over MMS

Posted by CmdrTaco on from the only-a-matter-of-time dept.

Shachaf writes "A new virus, CommWarrior.a, is the first to replicate over MMS (Multimedia Message Service). From the article: 'Multimedia Message Service (MMS) is a more advanced version of the Short Message Service (SMS) familiar to users of GSM based handsets around the world, and allows rich content such as pictures, sounds, video, and applications to be sent as well as text.', and '"With MMS messages typically costing between $0.25 and $1.00 CommWarrior could prove expensive to anyone unlucky enough to be infected by it. As the virus runs silently in the background it could be quite some time before the user becomes aware of the potentially hundreds of MMS messages that have been sent," said Aaron Davidson, CEO of SimWorks.'"

19 of 179 comments (clear)

  1. First AV As well... by RobertTaylor · · Score: 3, Informative

    The first virus... but lucky there is already anti virus software out there for your p910 :)

  2. Well by Anonymous Coward · · Score: 3, Funny

    It's a good thing I have no friends then.

  3. another good reason to have a simple cellphone by Anonymous Coward · · Score: 5, Insightful

    All of my coworkers laugh at me for using such a simple phone with only basic features and services. Guess there are some benefits afterall.

    1. Re:another good reason to have a simple cellphone by gl4ss · · Score: 3, Insightful

      1: you can keep the mms settings off - there by being immune from this.
      2: you need go through the installing of the application yourself.
      3: when installing it warns you that it is not signed and potentially unsafe.
      4: you could get one of the antivirus solutions which mostly are snakeoil(because if you are smart enough to install one.. wouldn't you be smart enough to NOT click through the install?).

      the way this is most probable to spread is by intentional spreding by some kids, like other symbian 'viruses'(they're all programs that you have to click through the install by yourself) it's almost impossible to bump into this by total accident in the wild.

      what's to note is that these symbian phones are open in the same sense a pc is - ANYONE can develope anything they want for them(and they're STILL more secure than a pc with the modem plugged to the wall). including you! if you're a nerd you should appreciate that possibility, if you're not wtf you're doing on slashdot anyways?

      --
      world was created 5 seconds before this post as it is.
  4. Liability by Thnikkaman · · Score: 4, Insightful

    I wonder if this falls under the protection of the service provider. It seems to me that they shouldn't be able to charge the user for a vulnerability on their part, but what companies should do and what they actually do are very different things.

    --
    Four roommates. No microwave. You do the math.
  5. Eh.. by Eric(b0mb)Dennis · · Score: 3, Interesting

    So, the question is...

    Are the customers reponsible for all the charges incurred from this virus? Being that it probably uses a flaw in the phone's OS itself.. how is this going to work?

    Nobody is going to want fancy new fangled smart-phones if they get infected with viruses and run up your phone bill monthly..

    --
    Excuse me, I don't mean to impose, but I am the ocean
    1. Re:Eh.. by plover · · Score: 4, Insightful
      If I had a phone like this and it was infected, and it ran up a huge bill, I'd first talk to my service provider. If they refused to waive the charges, I'd then talk to the cell phone manufacturer.

      Seems like the cell providers could kill this quickly. Can't they recognize the virus signature in the messages that are transmitted? And can't they trace them back through the links to find out where it originated? Are there really holes that big allowing people to upload crap like this anonymously?

      --
      John
  6. If the virus sends a relatively uniform... by HaloZero · · Score: 4, Interesting

    ...message, on an already well known-format, shouldn't it be possible for service providers to block the messages through the MMS MX handlers? And/or simply not bill the customer for the sum of messages sent with that format. Of course, isolate them from the network if possible (remove their permission to emit MMS messages at the MX) until the malware can be removed from their device. Just a thought. Doesn't really seem right to charge users for something like that, espicially the less savvy who might not know-any-better.

    --
    Informatus Technologicus
    1. Re:If the virus sends a relatively uniform... by Capt'n+Hector · · Score: 4, Funny
      "Doesn't really seem right to charge users for something like that, espicially the less savvy who might not know-any-better."

      Yeah, god forbid a cellphone company take advantage of unsavvy customers....

      --
      Quid festinatio swallonis est aetherfuga inonusti?
      Africus aut Europaeus?
    2. Re:If the virus sends a relatively uniform... by plover · · Score: 5, Insightful
      It's not in the short-term best interests of the cellular providers to block the virus. First, it involves acknowledging the virus exists, which tends to scare people. Next, and here's the cynical greedy part, people who blindly pay their cell phone bills every month without complaint make up a large part of their customer base. If they can make a few million dollars off the virus, where's the incentive to shut it down? Willingly give out reimbursements to anyone who complains, but let the rest of them just continue to fork over cash.

      Sorry to be so cynical, but I just see these "services" (and all cell phone costs) as tremendously overpriced. It's just data. The bandwidth has a fixed cost (it's just the sum of maintenance, capital investments, marketing, etc.) Throw in 10% or 20% over cost for a profit margin, and call it done. But no, they have to have "minutes" and "plans" and "packages", all of which are expressly designed to mislead the buyers into spending as much money as possible, regardless of the amount of "service" they "consume." And we, the sheeple, consume it readily.

      --
      John
  7. Re:It's a bit offtopic, but.. by hsmith · · Score: 4, Insightful

    Why? Because it is PURE profit right now, if everyone is charging the same, they all can milk users while they can. One day it will be competitive, right now they all "agree" to keep prices high to rip off users. Do you really think SMS messages cost the $.20 they do to send? of course not. $.01 would be expensive still.

  8. Wow! by FreeLinux · · Score: 4, Insightful

    What a remarkable "coincidence".

    I never put any credence into the ativirus companies writing viruses conspiracy theories but, that one's just too fishy.

  9. Trojan not virus by lxdbxr · · Score: 5, Informative
    I know the nomenclature is largely ignored nowadays, but I would call this a trojan not a virus since it requires the user to run it to start spreading: Quote from the ZDNet version of the story:
    A recipient also has to accept and download CommWarrior in order for the Trojan to launch itself.
    It's not like it starts running as soon as you open the MMS message; you actually have to take steps to run the application contained in the message. Of course some people will run anything...
    --
    -- Nothing unusual happened today
  10. Well at least there's one alternative by PsychicX · · Score: 4, Funny

    Get a Windows CE phone :)

  11. Should this cost consumers? by junkcannibal · · Score: 4, Insightful

    It seems to me that since most people get their phones for free when they sign up for a plan, the cell phone companies should bear the cost of this virus. This cost will inevitably be passed on the the concumers. My point is that it should be the responsibility of the cell phone companies to keep their products and their networks free of viruses. Dwight Yokel BEEP BEEPING his neighbor in the next trailer over, should not be expected to pay and money or attention to this sort of concern or worry about extra charges on his bill because his cell phone company runs a flawed service.

  12. Looks like a trojan, not a virus by bojanb · · Score: 4, Interesting

    From TFA:
    CommWarrior periodically sends MMS messages to randomly selected contacts, including a copy of itself and one of several predefined text messages designed to encourage the recipient to install the application.

    Doesn't really seem this is Symbian's fault, CommWarrior just behaves like a malicious application. The user obviously has to install it and then run it to get 0wned.

    Of course, some sort of sandbox environment like in Microedition Java would have been a better design, but I guess Symbian simply wasn't built with something like this in mind. I know Nokia is pushing a model where only certified developers will be allowed to write applications that access sensitive functionality (dialing numbers, sending messages, etc.), but this is not a great solution. It will drive the cost of applications way up, and shaft all the small app developers, because only the big guys will have their apps signed by Nokia.

  13. Um...it's transmitting by SamMichaels · · Score: 4, Interesting

    Perhaps I mis-RTFA or just don't understand MMS, but whenever my mobile is active it causes amplifier noise (talk or send/receive SMS). CDMA or GSM. Computer speakers, car stereo, whatever. Wouldn't a constant transmission be noticable?

  14. Re:Just don't install stuff you got over mms from. by d95adam · · Score: 3, Interesting

    ...but the text in the MMS says: "Your cell phone clock may be wrong. Would you like to keep it accurate?"

  15. This issue is easily solved by harshaw · · Score: 3, Interesting

    Modern phone operating systems have security features built in where the application installer will only allow *signed* applications to be installed. A virus / trojan wouldn't get signed because it has to go through an acceptance program.

    The first Microsoft smartphone product had this feature turned on - normal joe's couldn't install software that hadn't been signed (the signing process usually costs $$ although recent efforts have reduced the cost).

    Symbian *has* the same functionality. In fact, most commercial symbian software should now be signed, see Symbian Signed Symbian also has the functionality to disallow users to install unsigned programs. It is just that this feature is turned off by default (at least on the phones that I have seen).

    Theoretically, all an operator needs to due is send an OTA message to turn on signing verification. This is easily done on a windows mobile and presumable via WAP push on Symbian. We probably will see operators start to turn on signing requirements by default on symbian phones (hopefully with the capability for users to turn it off so they can install freeware if they so choose).