Mabir.A Virus Targets Symbian Phones
adennis writes "Exploiting Bluetooth and weaknesses in the OS, the Mabir.A virus, like its predecessor, targets the version of the Symbian operating system running on Nokia Series 60 handsets. Since Symbian is the dominant smartphone OS, found on phones made by Motorola, Siemens, Sony Ericsson, Panasonic and Nokia, this virus could have great impact. Will mobile OS companies, like desktop OS makers, have to start an automatic update system, or will the OS creators have to start making their software secure?"
Will mobile OS companies, like desktop OS makers, have to start an automatic update system, or will the OS creators have to start making their software secure?
Wouldn't an automatic update system serve to make the software more secure?
Digital Sailor
Again?.... What's the point of viruses in the first place.. evil teens with no life
There was a time when a virus could install itself just by latching onto a 3.5" disk boot sector and infect tons of machines without anyone having the slightest clue as to its existence.
Nowadays, viruses are so pussified that they need to ask the machine owner to install them. How sad.
I'd say they'll be wanting to make these phones secure, and be sharp about it. Fair enough, these phones with sophisticated OSes are fairly new, and you might expect them to get hit by viruses to start with, but now that the first few viruses have struck, the phone companies are going to want to get these phones as secure as possible, so that they can't get attacked so easily in future. Obviously, there's going to be a need for continued updates, as viruses continue to develop and evolve, but more basic levels of protection need to be introduced first.
Santa's suicide mission go!
I wonder if the fact that the recent OS X vulnerability is still unpatched after more than 2 months with the Symbian component of iSync is related to this? Would it be possible for an infected mobile phone to use the exploit in the mrouter code on OS X to infect the OS X machine remotely?
Why shouldn't the creators make the system more secure? It's their responsibility to make it more secure. What if you have to dial 112 (911 for people in other parts of the world) and you can't? Phones have to be secure. I can live with it if my Windows box isn't, but damned if my phone isn't secure.
I will turn off bluetooth or set my phone's visibility to off.
There, was that so hard? If for some reason, you refuse to do that, don't accept files from other devices unless you specifically know they're ok. You know, just like you do with your email.
The unsig!
I had to read quite a way down TFA before I actually came to the information detailing what the virus actually does.
"At this point, mobile viruses are more of an irritant than a serious security...the messages that Mabir sends do not contain any text message, only the info.sis file."
So it seems this virus is more of a proof that they can be spread via phones, which we already knew, rather than an attempt to actually damage or corrupt the OS. Hopefully it'll persuade manufacturers to work more on their phone security, rather than obvious new features for the user.
I'm not stressed. I'm just terribly, terribly alert.
A lot of people already have to update their roaming info. Why can't this stuff be updated at the same time? Current phones wouldn't be able to, but I'm sure cellular providers would rather do that than suffer the wireless version of a DoS attack (you know it will happen).
A little dated, but:
What's In a Name?
Digital Sailor
I own a Nokia 60-series phone and much to my surprise I encountered the above-mentioned predecessor (Caribe/Cabir) in the wild. (Yep, my Bluetooth's always on)
I received over 20 identical messages by Bluetooth messaging, all containing a single application-installation file: caribe.sis. I had to approve the reception of the message first before I could view the contents. As I browsed the message contents, a further warning that it contained an application was issued, and I imagine the standard "not-signed" warning would as well if I tried to actually install it.
That's 3 warnings I would have to ignore before the virus is installed. Surely in this day and age anyone's brains would have kicked in and wondered whether it would be a wise idea to install an unknown program sent to you by an anonymous stranger? Mobile-phone virii are all still very proof-of-concept in my book...
Will mobile OS companies, like desktop OS makers, have to start an automatic update system, or will the OS creators have to start making their software secure?
Not having every single Bluetooth service known to man switched on by default when the phone leaves the factory would be a good start. The first thing I did when I got my new PDA phone was to switch everything off except the BT Headset and File Transfer, which I set to Maximum possible security since it wasn't set like that by default. Strictly speaking the FT services should only be activated on a need-to-use basis, but I don't carry a lot of sensitive information on my PDA phone and what there is I have encrypted on an SD card. That would incidentally be another good idea, if manufacturers were to install some sort of file-vault software as standard. I had to install the file-vault software as an optional software package from the companion CD that came with my phone.
Only to idiots, are orders laws.
-- Henning von Tresckow
What a great idea. I'm sure this will work just as effectively as the USA executing alleged murderers - brutal as it sounds, it has at least reduced the murder rate to one of the lowest in the world.
This theme is beaten to death. The so-called "virus" requires answering "Yes" three times to be installed. The most vocal reporter of these viruses is F-Secure, manufacturer of anti-virus software for Symbian phones. Their CEO, speaking on one of the previous viruses: "somehow, I'm not sure exactly how this virus got installed on my phone". He didn't remember answering "Yes" three times?
"Please execute this program to destroy your system" is what the approach would have to be and doing a hard reset of all of the memory and hotsyncing it would completely wipe the thing out of the system. This is where volatile memory and a somewhat restrictive setup will benefit the user.
Why is Slashdot's icon (top right) for the "worms" section a picture of a caterpillar, which is in no way related to a worm?
I am an experienced commercial software developer on the Symbian platform. I have a strong background in many other platforms and in the context of this message, my anonymity is important since my company can be sued by Symbian just for a biased negative opinion of Symbian made publicly.
Symbian OS is the most expensive platform to develop on. This means more expensive money- and time-wise. It takes 3 times as many developers to deliver the same product in twice the time as on comparable platforms (brew, iTron, etc.). As for platforms with real development tools such as Windows Mobile, we use ten developers on Symbian to every one on Windows Mobile to produce a lesser product.
Symbian has limited hardware level debugging support (if any at all), they lack so much as a command prompt to log to.
They lack decent compilers and you're stuck with GCC or ARM Realview (neither are that good, satisfactory at best on ARM).
Documentation is awful at best.
A simple program requires you to jump through hoops; a more complex one sets the hoops on fire.
The emulator environment emulates nothing and simply tries to implement the Symbian UI APIs on Windows and all system level stuff is just layered on Windows. That's fine if you don't need to do anything at the system level.
The development environment is heavily based on CodeWarrior these days. I find this funny since every other company (Nintendo, Sony, Be, Apple, etc..) where Metrowerks had a good footing, the companies found it more profitable to dump CodeWarrior and do it themselves instead. Symbian is the only company stupid enough to choose to rely on Metrowerks, especially with their pathetic resume.
As for security, the fact that anyone could possibly ship a product based on Symbian is a miracle in itself. As for securing it as well, I think you're just asking too much.
Am I the only one that misses some of the great cell phones that were actually designed specifically to be the best form of wireless voice communication? I sure wish I could buy a new manufacture Motorola StarTac today!! Black-on-green screen - NO crappy color screens. No stupid ring tones. No photo album. No crappy camera. Two-WEEK standby time!! Just a damn good PHONE...nothing else.
/rant