After ringing warnings bells for months about the threat of computer viruses for mobile phones, security experts today are reporting the first multimedia messaging service (MMS) virus, CommWarrior, which has the potential — so far unrealized — to spread to cell phones all over the world.
Security firm F-Secure said CommWarrior was foreshadowed last January when attackers discussed a Symbian Series 60 mobile phone virus that could spread by sending MMS messages — images, audio or video clips — to addresses on contact lists on infected phones.
In the Works
“The virus has potential to spread globally” through SMS, F-Secure said in a press release. “So far, however, it has failed to do so and is replicating slowly — an anomaly being carefully investigated by the F-Secure Anti-Virus Research Team.”
F-Secure, which promoted the protection it offers against CommWarrior on susceptible Symbian Series 60 mobile phones, said that although the virus may not be causing a widespread outbreak, it could cause billing problems.
“The situation is not critical since we have not received a lot of reports from our customers,” said a statement from Antti Vihavainen, F-Secure director for mobile operator solutions. “However, CommWarrior creates unwanted billing for the owners of infected phones by sending MMS messages without user interaction.”
Mobile Virus Matures
Despite CommWarrior’s ability to spread via MMS, Vihavainen said, none of the current mobile phone viruses can install themselves without triggering standard security warnings for users.
Ken Dunham, iDefense director of malicious code, told TechNewsWorld that this type of mobile phone virus could be expected given the sharp rise in attacks on mobile phone platforms and the availability of source code for viruses such as Skull and Cabir.
“During the last half of 2004, Bluetooth worms shot through the roof,” he sad. “We’ve predicted multiple new variants with additional functionality.”
Dunham said CommWarrior was the latest example of how mobile phone attacks are “finally beginning to get attention from hackers.” Recent hacks on devices belonging to celebrities such as Paris Hilton and Fred Durst have also highlighted the increased attack activity around mobile phones.
Dunham said the reported ability of the virus to spread via MMS was particularly significant and could pave the way for more widespread mobile phone attacks.
“That means it has the capability to go well beyond the traditional worms we’ve had in this medium,” he said. “It broadens the exposure of vulnerable devices. It’s not just Bluetooth, it’s MMS.”
Dunham said the danger from the CommWarrior was largely dependent on whether it could copy itself to other types of mobile phones. He is leading a team at iDefense that is investigating the new virus and whether it could spread beyond Nokia Series 60.
Dunham also said the virus may present an opportunity for attackers who are working on malicious code in an effort to increase functionality, such as efforts to send spam, direct users to malicious Web sites or otherwise misuse infected mobile devices.
DataComm president Ira Brodsky told TechNewsWorld that unlike PCs connected by the Internet, wireless is a much more closed environment, making a general attack on cellular phones difficult.
Nonetheless, Brodsky said, the new wireless worms highlight the need for mobile phone users to be aware of security and for providers — both manufacturers and operators — to test devices and technology to make sure wireless handsets are not “an accident waiting to happen.”