Monday, January 23, 2006

Trojan Horse Viruses Attack Cell Phones

pzaerkjNew Trojan Horses Threaten Cell Phones
Three new malicious programs are hitting certain mobile phones, antivirus companies have warned. The Trojan horses, or programs that are disguised as legitimate applications, spread via Bluetooth or multimedia messages and can affect phones running the Symbian operating system.

The infection rate so far from the new malware is low, Symantec reported in threat warnings issued last week.

The Bootton.E Trojan horse was spotted last week by F-Secure and Symantec and is perhaps the most potentially crippling of the three to those infected. The program restarts the mobile device but it also releases corrupted components that cause the reboot to fail, leaving the device unusable.

The Pbstealer.D Trojan sends an infected user's contact list, notepad, and calendar to-do list to other nearby users via Bluetooth. The third Trojan, Sendtool.A, sends malicious programs such as the Pbstealer Trojan to other devices via Bluetooth.

Symantec and F-Secure both admit that these Trojans are unlikely to spread very widely.

"They don't spread quickly because they're not purely autonomous," says Ollie Whitehause, a researcher with Symantec. Unlike worms on computers that spread without users knowing, the Trojan horses hitting cell phones spread as attachments that require users to download them.

In the Works?

So far, worms haven't hit mobile phones but it's very likely that people who write viruses are working on them, says Anton Von Trover, marketing manager for F-Secure.

Because current threats are caused by what David Wood, executive vice president of research at Symbian, calls user weakness, antivirus software for mobile devices isn't necessary. "Unlike the case on desktop PCs where you need to have a firewall and antivirus software and you have to keep them up to date, that's not necessary on phones," says Wood.

But with the looming threat of vulnerabilities being found by malicious code writers, enterprises should do a better job preparing for the future, says Rob Bamforth, an analyst with Quocirca. His research shows that enterprises are much more lax about securing mobile handheld devices than laptops.

He advises enterprises to create a policy around securing such devices. Currently, that policy might not include antivirus software because the incidence of viruses seems to be low.

"But there will be a problem so they have to take the issue seriously while not necessarily taking every announcement seriously," Bamforth says. He cautions that historically, most reports of viruses on handheld devices have come from antivirus software firms and not end users, an indication that infection rates are probably quite low.