Sunday, November 23, 2014
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Regin Trojan Enables Stealthy Surveillance: Symantec
ASTC Says 100 TB HDDs Coming in 2025
Alienware Alpha PC Gaming Console Now Shipping
Samsung Files ITC Complaint Against Nvidia
Europe To Ask Google Unlink Its Commercial And Search Services
Streaming TV Service Aereo Files for Bankruptcy
Square Launches Cash Register Service
Call of Duty: Advanced Warfare is the Biggest Entertainment Launch of 2014
Active Discussions
cdrw trouble
CDR for car Sat Nav
DVD/DL for Optiarc 7191S at 8X
Copied dvd's say blank in computer only
Made video, won't play back easily
New Features In Firefox 33
updated tests for dvd and cd burners
How to generate lots of different CDs quickly
 Home > News > Mobiles > New, vi...
Last 7 Days News : SU MO TU WE TH FR SA All News

Wednesday, December 29, 2004
New, virulent Cabir mobile phone worms spotted


New versions spread more quickly than predecessors.

Two new versions of a computer virus that affects mobile phones were discovered Monday with new features that allow them to spread more quickly between vulnerable devices, according to antivirus company F-Secure (Profile, Products, Articles).

Cabir.H and Cabir.I are the latest versions of a worm that was first identified in June and affects Symbian mobile phones. There are no reported infections from the new worms. However, F-Secure said that the new viruses fix a problem with earlier versions of Cabir that prevented that worm from spreading quickly between mobile phones.

Like the original Cabir worm, dubbed Cabir-A, the new Cabir variants spread between mobile phones using a specially formatted Symbian operating system distribution (or SIS) file disguised as a security management utility. When the infected file is launched, the mobile phone's screen displays the word "Caribe" and the worm modifies the Symbian operating system so that Cabir is started each time the phone is turned on.

Infected mobile phones scan for vulnerable phones using the phone's Bluetooth wireless connection, then send a file, velasco.sis, that contains the worm to those phones. While the new Cabir variants do not destroy data on the phones they infect, they do block legitimate Bluetooth wireless connections and rapidly consume the phone's battery, F-Secure said.

Both new Cabir variants have been changed so that they can spread more quickly than earlier versions of the worm. For example, unlike earlier variants of Cabir, the Cabir.H and Cabir.I can search for and find a new target if another vulnerable phone goes out of range, the company said.

"In conditions where people move around and new phones come in contact with each other, the Cabir.H and Cabir.I can spread quite rapidly," the company said in a statement.

To be infected by Cabir, mobile phones must be running vulnerable versions of the Symbian Series 60 software and have the Bluetooth wireless feature in "discoverable" mode, making them open to new connections, F-Secure said.

F-Secure researchers are concerned by the similarity between the latest Cabir variants and the original worm code, which could mean the virus author has released the source code for the worm on the Internet.

"These new variants seem to be recompiled versions based on original Cabir source code. Which means that the Cabir source code is floating around in the underground. Which is bad news," the company said in a statement.

Other computer viruses that have had their source code published online, including the Bagle and Phatbot worms, quickly spawned hundreds of variants, as less sophisticated virus writers and malicious hackers modified the code and released their own version of the original worm.

F-Secure has not seen a copy of the Cabir code online. However, the pace of development for Cabir has accelerated in recent weeks, which may support the contention that the code has been distributed. Seven new versions of the Cabir worm appeared since Dec. 9, after months in which no new variants were spotted. There have also been two new versions of Skulls, a Trojan horse program that affects mobile platforms since the original was discovered Nov. 19, F-Secure said.

Most antivirus companies, including F-Secure, Trend Micro (Profile, Products, Articles) Inc. and Symantec (Profile, Products, Articles) Corp., offer antivirus software for mobile phones that can detect the new versions of Cabir. However, as of Tuesday, other antivirus companies had not followed F-Secure and issued alerts about the new Cabir variants.

With only a handful of examples of malicious code yet discovered, and few reports of infections outside of the antivirus lab, the threat of infection from mobile phone viruses is still very low compared with traditional computer viruses, antivirus experts agree.

From InfoWorld



Previous
Next
Taiwan makers start delivering Pentium M motherboards        All News        ATI Taiwan: Shipments of consumer-electronics chips rocket 215% on-year
China tops 329 million mobile phone subscribers     Mobiles News      Sharp to Begin Shipments of New Vodafone 902SH 3G/GSM Mobile Phones for Vodafone

Source Link Get RSS feed Easy Print E-Mail this Message

Related News
Samsung May Delay Galaxy S4 Due To Panel Manufacturing Issues
LG Optimus G LTE Smartphone Shipping Next Month
New Quad-core LG Smartphone Coming In September
Samsung Says External Source Caused Galaxy S III Fire
Galaxy Chat To Hit European Shelves This Month
Samsung Expects To Sell 10 mln Galaxy S3 Smartphones By End of July
Weak Supply Of HD Displays Will Limit Shipments Of High-end Smartphones
LG Launching Voice Recognition Service Challenging Apple's Siri And S Voice
Samsung Makes Android SAFE For Enterprises
Sharp Showcases Its "Feel UX" User Interface For Smartphones
LG Optimus L5 Makes Global Debut
LG's Quad-core Optimus 4X HD Available In Europe

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .