Three new malicious programs are hitting certain mobile phones, anti-virus companies have warned. The Trojan horses, or programs that are disguised as legitimate applications, spread via Bluetooth or multimedia messages and can affect phones running the Symbian operating system.The infection rate so far from the new malware is low, Symantec Corp. reported in threat warnings issued last week.The Bootton.E Trojan horse was spotted last week by F-Secure Corp. and Symantec and is perhaps the most potentially crippling of the three to those infected. The program restarts the mobile device but it also releases corrupted components that cause the reboot to fail, leaving the device unusable.The Pbstealer.D Trojan sends an infected user’s contact list, notepad and calendar to-do list to other nearby users via Bluetooth. The third Trojan, Sendtool.A, sends malicious programs such as the Pbstealer Trojan to other devices via Bluetooth. Symantec and F-Secure both admit that these Trojans are unlikely to spread very widely. “They don’t spread quickly because they’re not purely autonomous,” said Ollie Whitehause, a researcher with Symantec. Unlike worms on computers that spread without users knowing, the Trojan horses hitting cell phones spread as attachments that require users to download them.So far, worms haven’t hit mobile phones but it’s very likely that people who write viruses are working on them, said Anton Von Trover, marketing manager for F-Secure. Because current threats are caused by what David Wood, executive vice president of research at Symbian Ltd., calls user weakness, anti-virus software for mobile devices isn’t necessary. “Unlike the case on desktop PCs where you need to have a firewall and antivirus software and you have to keep them up to date, that’s not necessary on phones,” said Wood.But with the looming threat of vulnerabilities being found by malicious code writers, enterprises should do a better job preparing for the future, said Rob Bamforth, an analyst with Quocirca Ltd. His research shows that enterprises are much more lax about securing mobile handheld devices than laptops.He advises enterprises to create a policy around securing such devices. Currently, that policy might not include anti-virus software because the incidence of viruses seems to be low. “But there will be a problem so they have to take the issue seriously while not necessarily taking every announcement seriously,” Bamforth said. He cautions that historically, most reports of viruses on handheld devices have come from anti-virus software firms and not end users, an indication that infection rates are probably quite low.By Nancy Gohring – IDG News Service (Dublin Bureau) Related content brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security news Gitlab fixes bug that exploited internal policies to trigger hostile pipelines It was possible for an attacker to run pipelines as an arbitrary user via scheduled security scan policies. By Shweta Sharma Sep 21, 2023 3 mins Vulnerabilities Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe