by Glenn Hefley
According to the F-Secure website and other virus alert centers on the internet,
the Cabir virus is a bluetooth using worm that runs in Symbian mobile phone
supporting Series 60 platforms. The virus replicates over the bluetooth connections
and is placed in the phone messaging inbox as caribe.sis file. This file contains
the worm. If you are foolish enough to click on the caribe.sis file and choose
to install, Caribe installs the worm on your cell phone and begins looking for
a new phone over your bluetooth connection, starting the process all over again.
Setting you phone into non-discoverable (hidden) Bluetooth mode will protect
your phone from Cabir worm. Once the phone is infected however, it will try
to infect other systems even as user tries to disable bluetooth from system
settings.
When the Cabir worm is activated it starts looking for other bluetooth devices,
and sending infected caribe.sis files to the first device it finds.
One curious fact is that in series 60 phones the bluetooth functionality is
independent from the GSM side, and if phone is rebooted the cabir will try to
spread even if user doesn't enter PIN code.
F-Secure has a disinfection tool available on their website (http://www.f-secure.com/v-descs/cabir.shtml
)
While cell phones began as mobile emergency communication devices, grew into
primary communication devices, from there they are quickly evolving into preferred
data storage and information access devices. So it is not surprising with as
many untapped points of access available through Bluetooth connections, that
a virus has been developed to take advantage of this new opportunity.
Several of us use our cell phones as our home-computers-away-from-home. Where
we use to lug our laptops around in padded leather bags and backpacks, we now
lug around a small device in our pockets or purse. Many cell phones have almost
as much storage as our laptops and are much smaller, more convenient, the less
likely to be stolen. Smaller is not always better, but if you're choosing between
a cell phone in your pocket or a laptop on your back the choice seems fairly
obvious.
Viruses of the past may have been created as tools of destruction, but those
that create viruses today have a much more material goal in mind. There's a
great deal of money in malware and spyware programs, and virus programs (especially
worm types), are the primary vehicle for these obnoxious advertising programs.
Sadly there will come a day when cell phones are susceptible to pop-up messages
Spam text messages and automated replies. The Herald of this day is already
here. I'm sure, with all of the allowance a user is required to give this particular
virus program in order for it to propagate that even the creator of this virus
was surprised to see how quickly it's spread across the world.
So all of the old warnings for searching the Internet and opening e-mail's
are just as true for the cell phone as they are for the home computer. Do not
run unknown programs, open an unfamiliar website, or explore attached files
from unknown sources.
To be fair to Bluetooth, it is really not a security problem of this protocol.
Any thing is insecure if the user answers "Yes" to a question like
"Would you like to run this virus?" Seriously, how are you going to
protect against that?
This article may not be copied or distributed in part or in full from this site and is copyright D24 Media Limited.
|
