THE first computer worm designed to spread between cellphones was demonstrated last week. And though it was dismissed by phone makers as a harmless prank, experts say it is only a matter of time before a truly destructive specimen arrives.
The virus, called Cabir, was unleashed by an underground virus authoring group calling itself 29a. The worm spreads between phones running Nokia’s Series 60 smartphone software, which runs on the Symbian operating system.
Cabir does not spread via the cellphone network in the way that a computer virus would exploit the internet. Instead, it uses the Bluetooth short-range radio communications protocol to infect devices up to a few tens of metres away. Safeguards built into Bluetooth mean a user has to confirm that they wish to receive the message carrying Cabir – which, ironically is disguised as a phone security application – for their phone to become infected.
Advertisement
Phone makers who have licensed Series 60 from Nokia have been quick to point out that the 29a group has not tried to spread Cabir outside its own laboratory, and that the worm does not cause any damage. They also stress that the virus is too unwieldy to spread rapidly.
But virus experts see Cabir as a sign of worse to come. “The virus writers simply decided not to include a malicious payload,” says Mikko Hyppönen of antivirus research at Finnish company F-Secure.
“The potential is there with mobile phones, because they are all connected to each other,” says Graham Cluley, of UK-based antivirus software firm Sophos. “The danger is that Cabir’s success will now encourage others.”
Hyppönen says a cellphone virus could spread with unwitting help from users – perhaps by sending a web link to malicious code disguised as an enticing smartphone game.
It might also be feasible to make a phone worm that could spread automatically, using information in the infected phone’s address books. But this would require some sort of operating system vulnerability, like those exploited by internet worms such as Blaster. And while such vulnerabilities do exist in cellphone software, Hyppönen points out that these are normally limited to a handful of models, which would restrict a worm’s ability to spread.