Text Message Replies May Carry Malware

The latest twist in mobile malware, Mabir.A, poses as a reply to a text message a user has already sent. The virus targets Symbian Series 60 phones just as did CommWarrior and Cabir, the two other know mobile phone viruses, but it is not expected to spread quickly, according to security experts.

Mabir.A has very similar code to Cabir and was probably written by the same person, said F-Secure, the company that discovered the virus. Mabir.A, however, spreads by waiting for an SMS or MMS message to come in. When it does, the virus sends itself as an MMS reply to the sender’s phone.

Going Nowhere Fast

“We saw low propagation rates with Cabir and CommWarrior, so I’m expecting that this malware will not spread very quickly either,” Ed Moyle, president of SecurityCurve, told TechNewsWorld.

Cabir and CommWarrior searched for Bluetooth-enabled Symbian phones and sent themselves to the phone numbers stored in those devices. Moyle said the virus requires the phone user to install it before it can infect the device, making it unlikely it will become a serious threat.

“When the phone receives Mabir, for example, the user is shown the text, ‘Install caribe?’ and has the option of specifying either ‘yes’ or ‘no.’ Since there isn’t any text in the reply message, this would be analogous to receiving an e-mail from someone you know with no content and an executable file attached. In that case, most of the time, the receiver wouldn’t run the executable.”

Expect More Malware

Mabir.A was discovered by F-Secure, which said that it had not been found in the wild, but cautioned that Cabir’s writer said in a magazine interview that he planned to write more mobile phone malware.

While there may be no way to prevent Mabir.A’s attempt to spread, one analyst said infection is not the biggest problem with this malware. “Short of abstaining from text messaging, it isn’t clear how a user would prevent the phone from becoming infected,” David Friedlander, senior analyst, Forrester Research, told TechNewsWorld. “There’s no reason to panic, though.

“At this point, mobile phone viruses are few and far between, and don’t carry a malicious payload. The real issue is that carriers will get unwanted traffic on their networks. As the viruses become more sophisticated over the next 2-3 years, we may see denial-of-service type attacks on mobile networks.”

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Technewsworld Channels