Cyber Eye: The clock is ticking on cellular vulnerability

William Jackson

You don't have to worry much about the recent appearance of the first worm that spreads via mobile phones.

The Cabir worm, apparently invented by virus writers in central Europe, is a proof-of-concept exploit. It hasn't been released in the wild, and there is no mischievous payload associated with it. The inventors merely sent Cabir to a couple of network security firms as a way of saying, 'It can be done.'

Compared with the speed and agility of recent Internet worms, Cabir behaves awkwardly. It masquerades as a security file, and the user must accept and install it before it can begin looking for Bluetooth wireless connections to propagate itself. Security experts don't view it as an immediate threat, given the nascent state of the art and the fact that there isn't much to gain from infecting cellular platforms.

'We're still probably two to five years away from serious issues,' said Vincent Weafer, senior director of response for Symantec Corp. of Cupertino, Calif.

So the clock is ticking. History shows that if something can be done, sooner or later it will be done. And the rapid pace of development of malicious code makes it likely that new and improved versions of mobile-phone worms will pop up sooner rather than later.

'It's not the first one that we have to worry about, it's the follow-ons,' Weafer said.
A recent report from Trend Micro Inc. of Cupertino, Calif., illustrates the trend toward faster-moving malicious code. Statistics from its World Malware Tracking Center showed 9.8 million infected computers in the first quarter of 2004, a 34 percent increase over the same period last year. Nothing surprising about that. What is surprising is that the Funlove worm, consistently in Trend Micro's top spot for almost five years, was knocked down to eighth place.
'Among all of last year's big virus outbreaks, only Sobig.F stayed in the top 20, while the rest fell off the charts during the first quarter of 2004,' Trend Micro reported.

This coup came from variants of three worms, Mydoom, Bagle and Netsky, released in January and February this year. The three stand out for the speed at which they spread.

Bragging rights and hacktivism still account for most of the malicious code released in the wild, Weafer said. These exploits usually fall into the annoyance category, but over the past year a profit motive has emerged. Spammers and'it is suspected'organized crime are using worms to build networks of compromised computers and harvest personal information.

As smart phones become more common and owners find more uses for them, spammers and hackers and thugs also will find uses.

One more thing to put on your list of things to worry about later.

About the Author

William Jackson is freelance writer and the author of the CyberEye blog.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above