• United States



New Trojan Horses Threaten Cell Phones

Jan 23, 20063 mins
CSO and CISOData and Information Security

Three new malicious programs are hitting certain mobile phones, anti-virus companies have warned. The Trojan horses, or programs that are disguised as legitimate applications, spread via Bluetooth or multimedia messages and can affect phones running the Symbian operating system.

The infection rate so far from the new malware is low, Symantec Corp. reported in threat warnings issued last week.

The Bootton.E Trojan horse was spotted last week by F-Secure Corp. and Symantec and is perhaps the most potentially crippling of the three to those infected. The program restarts the mobile device but it also releases corrupted components that cause the reboot to fail, leaving the device unusable.

The Pbstealer.D Trojan sends an infected user’s contact list, notepad and calendar to-do list to other nearby users via Bluetooth. The third Trojan, Sendtool.A, sends malicious programs such as the Pbstealer Trojan to other devices via Bluetooth.

Symantec and F-Secure both admit that these Trojans are unlikely to spread very widely. “They don’t spread quickly because they’re not purely autonomous,” said Ollie Whitehause, a researcher with Symantec. Unlike worms on computers that spread without users knowing, the Trojan horses hitting cell phones spread as attachments that require users to download them.

So far, worms haven’t hit mobile phones but it’s very likely that people who write viruses are working on them, said Anton Von Trover, marketing manager for F-Secure.

Because current threats are caused by what David Wood, executive vice president of research at Symbian Ltd., calls user weakness, anti-virus software for mobile devices isn’t necessary. “Unlike the case on desktop PCs where you need to have a firewall and antivirus software and you have to keep them up to date, that’s not necessary on phones,” said Wood.

But with the looming threat of vulnerabilities being found by malicious code writers, enterprises should do a better job preparing for the future, said Rob Bamforth, an analyst with Quocirca Ltd. His research shows that enterprises are much more lax about securing mobile handheld devices than laptops.

He advises enterprises to create a policy around securing such devices. Currently, that policy might not include anti-virus software because the incidence of viruses seems to be low. “But there will be a problem so they have to take the issue seriously while not necessarily taking every announcement seriously,” Bamforth said. He cautions that historically, most reports of viruses on handheld devices have come from anti-virus software firms and not end users, an indication that infection rates are probably quite low.

By Nancy Gohring – IDG News Service (Dublin Bureau)