October 01, 2006 — CSO — Mobile phone malware—viruses, worms and Trojan programs created to attack the devices—is rare in North America but prevalent in Japan and Europe, where 3G technology is more popular, according to Corey Nachreiner, a network security analyst at vendor WatchGuard Technologies.
By the time such malware hits domestic users' handsets—about two years away—the programs are expected to blend into more complex threats. Some examples recently hitting overseas users include:
The Doomboot trojan perpetrates denial-of-service attacks by billing itself as "Warez"—premium games that have been compromised to allow free use, says Seth Fogie, VP at mobile security vendor Airscanner. Devices work until they are rebooted. Doomboot enters via Bluetooth's discovery mode, the Web and e-mail.
Cardtrap spreads to phone memory cards—which can be inserted in computers to sync up a music download, picture or ringtone—where it can infect again, Fogie says.
Redbrowser is a Russian wireless application protocol browser that offers itself to users who don't have one. It offers to send free SMS messages but actually charges the user $5 to $6 per message.
Crossover detects and infects devices via an ActiveSync connection for Windows PCs. It can spread from phones to computers. Crossover has not been detected in public yet; in concept it fills up phone memory with useless data and exhausts phone resources, Fogie says.
Buffer overflow vulnerabilities exist in the Windows Mobile software, according to Fogie, in cases where an application has not been programmed to properly check the format of incoming data. Such attacks will become more prevalent as the platform grows, Fogie says.



