Digital Edition

SYS-CON.TV
Cabir Virus Attempts to Jump from Phone to Phone Using Bluetooth
Cabir Virus Attempts to Jump from Phone to Phone Using Bluetooth

The "proof-of-concept worm" known variously as Worm.Symbian.Cabir.a, Cabir, and EPOC.Cabir replicates on Nokia Series 60 phones, says a security alert posted by Symantec yesterday.

The French unit of the Russian security software developer Kaspersky Labs said that that virus appears to have been developed by an international group called "29a" - based in the Czech Republic and Slovakia - which specializes in creating viruses that try to show that no technology is reliable and safe from their attacks.

"This worm repeatedly sends itself to the first Bluetooth-enabled device that it can find, regardless of the type of device. For example, even a Bluetooth-enabled printer will be attacked if it is within range," says the Symantec alert.

The worm spreads as a .SIS file, which is automatically installed into the APPS directory when the receiver accepts the transmission. When EPOC.Cabir is executed, it:

  • Displays a message, then copies itself to a directory on the phone. (This directory is not visible, by default.)
  • Runs from this directory when the phone is restarted, so that it continues to work even if the files are deleted from the APPS directory.

Once the worm is running, it will constantly search for Bluetooth-enabled devices, and send itself to the first device that it finds. There is no payload, apart from the vastly shortened battery life caused by the constant scanning for Bluetooth-enabled devices.

According to Reuters, Matias Impivaara, business manager for mobile security services at Finnish security software firm F-Secure, believes that mobile viruses will become more dangerous when they can spread without human intervention.

"The main [turning] point will be when the virus-writing community knows the software well enough...to find holes," Impivaara said, adding:"The information about the [Symbian] operating system is very close to the hands of the virus writers."

The Cabir worm could be a trigger to start developing these ideas earlier, he admitted.

In its threat assessment of Cabir, Symantec rates the virus as having low geographical distribution, easy threat containment, low damage, and moderate removal difficulty. For more information from Symantec about Cabir, see Symantec's Web site.  

About Security News Desk
SYS-CON's Security News desk trawls the world of security for news of software, hardware, products, and services that seems likely to be of interest to infosec professionals and summarizes them for easy assimilation by busy IT managers and staff.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

This virus isn''t a threat at all according to the related news article from Yahoo, but then again, people''s desire to create destructive viruses has been proven inevitable mostly at these times of technology advancement. Eventhough it''s not disastrous, be warned because this starts serious follow-ups. Do not receive items from an unknown source, it can or may damage your phone in the coming future of this Mobile viruses.

No.. that would make it a trojan.

The definition of a worm isn''t to do with whether or not it needs a user to run it - its just about whether it propgates via a network by itself rather than having users do the spreading.

A virus hides itself in other executables and runs itself via proxy with the user not realising it. But it gernerally requires the user to do the distribution (generally without realising it).

A trojan is simply a program which is malicous but pretends to be something else. If it happens to spread itself when run that doesn''t make it a worm or a virus, but just a self spreading trojan. It would be closer to a trojan-slash-worm than a virus.

In simple terms, if it cannot infect a system without the user''s help, it isn''t a worm it''s a virus.

what distinguishes a worm from a virus? "Mobile worms" just sound so loathsome...

Sooo...Symbian smartphones are insecure

and contrary to Microsoft powered cell phones they can easily catch a virus (worm). Why would you like to buy an insecure cell phone? Don''t buy it! Don't buy Symbian cell phones!

I firmly believe that a virus that spreads via phone to computer or vice versa is technically possible. Now (maybe...) just around the corner undoubtably....

I occasionally study virus/worm source code (or hex!) when AV cleanup guides seem unclear. Technically I''m often impressed by the talent and intelligence demostrated by some of these guys (and girls, sorry Gigabyte :) but feel sad at what I see as misguided output of some amazing coding talent. More than anything I feel sad because I remember people that have been hurt by their creations, e.g:

I once had to tell someone working as an admin in a hospital that she had just lost 3 years of her hard work on 5 1/4''s floppies (this is before harddisks/AV were common!) due to stoned virus. Believe me she cried a lot. Experiences like that stay with you and that''s just one of what has now been too many experiences. So I offer no proof because I have no wish to help give ideas or speed the progression of something I don''t want to see, even though VXrs and many other people know it will be evitable :(




ADS BY GOOGLE
Subscribe to the World's Most Powerful Newsletters

ADS BY GOOGLE

ChatOps is an emerging topic that has led to the wide availability of integrations between group cha...
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting ch...
As Marc Andreessen says software is eating the world. Everything is rapidly moving toward being soft...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know ...
Is advanced scheduling in Kubernetes achievable?Yes, however, how do you properly accommodate every ...
The cloud era has reached the stage where it is no longer a question of whether a company should mig...
The need for greater agility and scalability necessitated the digital transformation in the form of ...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an over...
Coca-Cola’s Google powered digital signage system lays the groundwork for a more valuable connection...
In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and ...
While some developers care passionately about how data centers and clouds are architected, for most,...
"Since we launched LinuxONE we learned a lot from our customers. More than anything what they respon...
DevOps is under attack because developers don’t want to mess with infrastructure. They will happily ...
"As we've gone out into the public cloud we've seen that over time we may have lost a few things - w...
In his session at 21st Cloud Expo, Michael Burley, a Senior Business Development Executive in IT Ser...
Sanjeev Sharma Joins June 5-7, 2018 @DevOpsSummit at @Cloud Expo New York Faculty. Sanjeev Sharma is...
We are given a desktop platform with Java 8 or Java 9 installed and seek to find a way to deploy hig...
"I focus on what we are calling CAST Highlight, which is our SaaS application portfolio analysis too...
"Cloud4U builds software services that help people build DevOps platforms for cloud-based software a...
The question before companies today is not whether to become intelligent, it’s a question of how and...