Bob Egan's weekly column
September 23, 2004 issue
What's happeningCabir worm Mosquito Trojan Duts1520
- What are mobile viruses? Like malware in the wired world, mobile viruses are small programs that infect a host device -- in this case, smartphones and wireless PDAs. Some of the initial viruses appear to be harmless in the sense that they don't create back doors or destroy data. Others – such as Mosquito – hijack the device into calling special phone numbers that carry high fees, running up the owner's bill.
- Which devices and platforms do they target? The initial crop of viruses attack devices running Symbian Series 60 or PocketPC. Symbian almost certainly was chosen because it's the most widely used smartphone OS, so it's safe to assume that it will be the target of more viruses. However, we expect other platforms to fall victim over the next few months.
- How do they spread? The Mosquito Trojan is hidden inside a game that's downloaded over a wireless network, while Cabir is spread via Bluetooth. The variety of entry points is troubling because it shows that virus writers already have a good grasp of wireless devices' vulnerabilities.
- How can we protect against them? Expand company wireless policies to forbid downloading games and other applications not directly related to work. Educate employees about the sources and symptoms of mobile viruses, including related threats such as Bluejacking and Bluesnarfing. Explore antivirus software for mobile devices. Require wireless carriers to outline their network safeguards.
- How do we remove them? These are the early days of mobile viruses, so effect removal techniques are being developed on the fly. Uninstalling the program that carries a Trojan appears to work in the case of Mosquito. The Web sites of Symbian and virus hunters such as F-Secure also are good sources of tips for identifying and removing viruses.
Mobile Competency firstname.lastname@example.org