Information security company Kaspersky Labs said it has detected a new computer worm that can affect Symbian-based smart phones. Although the software firm said it appears the virus hasn’t yet affected any users, the news could mark a sign of times to come.
Kaspersky Labs said the network worm is called Cabir, a Symbian distribution file, and can affect Symbian-based smart phones by disguising itself as a security file. If launched, the file displays the word “Caribe” on the phone’s screen and will do so each time the phone is turned on. Kaspersky said once the worm is installed, it uses Bluetooth short-range wireless technology to scan for other Symbian devices to send out additional copies of itself.
Kaspersky said a virus writer called Vallez created the worm. The firm said the name tracks back to 29a, an international group of virus writers. The group specializes in creating proof-of-concept viruses, including macro virus Cap, .NET virus Donut and Win64 virus Rugrat. Kaspersky said it has so far not discovered any “malicious payload” in the Cabir virus.
“We’re very serious about viruses and security concerns,” said Peter Bancroft, Symbian’s vice president of communications. “Clearly it’s an issue for us.”
Bancroft said the Cabir virus can only be installed if the user makes several specific choices. First, the user must agree to a Bluetooth connection and then must agree to install the Cabir file, which would be labeled with the warning “unable to verify supplier.” Further, Bancroft said the new Symbian Signed application certification program would alert users to unauthorized and potentially dangerous applications like Cabir.
Symbian sells an operating system for advanced mobile phones and counts Nokia Corp. as its main customer.
Although rare, there have been other documented wireless viruses. Two of the most-cited incidents of wireless security breaches include a virus in Spain that spread through text messages and another in Japan in 2000 that caused users’ mobile phones to dial the country’s emergency services number. Such instances have lured computer-security companies like Brightmail Inc. and Network Associates Inc. into the wireless industry.