Malicious code targeting PDAs identified

The first backdoor code for personal digital assistants has emerged, raising concerns that handheld devices soon could be targeted by hackers.

The code, called Backdoor.WinCE.Brador.a, was identified by Kaspersky Labs. It is 5,632 bytes and targets PDAs running PocketPC. The Moscow-based antivirus company called Brador a classic Trojan backdoor program, which could expose handheld devices to remote exploitation.

'WinCE.Brador.a is a full-scale malicious program ready to go,' said Eugene Kaspersky, the company's head of antivirus research. 'Unlike proof-of-concept malware, Brador has a complete set of destructive functions typical for backdoors.'

Security experts said the threat from Brador is not imminent, but probably is inevitable.

'We aren't seeing it spreading at this point,' said Dee Liebenstein, group product manager of Security Response for Symantec Corp. of Cupertino, Calif. 'It's the scenario for the future that raises concern.'

The sample seen by Kaspersky was attached to an e-mail from a Russian sender and with Russian text. It creates an executable file in the PDA's autorun folder so that it takes over whenever the device is turned on. It identifies the IP address, contacts the author and opens port 44299 for further commands.

The author was offering to sell the client code.

'Malware development for mobiles is passing through the same stages as for desktops,' Kaspersky said. 'We will probably see a serious outbreak of viruses for handhelds sometime soon.'

Backdoors require a delivery vehicle to spread them. These could include e-mail or a Web site that downloads the code, but the most effective delivery system for widespread infection is a worm, which has not yet appeared optimized for PDAs.

'There still is a lot of hard work to be done to get an effective mechanism,' Liebenstein said. 'But this probably should raise concern. Mobile devices are going to be the next targets.'

Liebenstein said PDA users should protect their devices with antivirus software. So far this has been an option, but the time will come when it is a necessity, she said.

'We have been warned.'

About the Author

William Jackson is a Maryland-based freelance writer.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected