Ben
26th June 2005, 02:16 PM
Hmm.
Ok, my stance on mobile viruses has been somewhat staunch having not encountered one and not knowing anyone else who has. News reports suggest that Cabir and other smartphone viruses aren't really out there in the wild. My view on that changed yesterday.
In the Nokia bubble at the O2 Wireless Festival 2005 yesterday my friends 6680 suddenly received a flood of incoming bluetooth requests from Maria. We were sitting taking bluetooth requests anyway from the Nokia Raw machine that was sending out free goodies, so they accepted the connection from Maria.
Immediately Cabir.sis was transferred to her inbox and attempted to install. I spotted it straight away of course and we prevented the installation, but the immediate desire of the program to run impressed me somewhat. However, we couldn't delete the .SIS straight away as once Maria's phone had found the 6680 it continued to send a flood of connection attempts making it impossible to do anything!
We switched the phone to Offline mode (it disables Bluetooth too, who knew!) and deleted the Cabir installer, but even after that the infected handset continued its connection attempts when the targeted handset was online again. We moved out of range of the Nokia bubble and all was well.
So, a close call! There definitely needs to be a message displayed when a .SIS is received over bluetooth to the effect of "A program file has been received via Bluetooth and is attempting to install. You should not install this program unless you specifically requested it."
Antivirus wouldn't have helped the flood of bluetooth connections, but it would have flagged the file as a virus. However, I think it's the Symbian operating system at fault here. Clearer warnings are obviously required and I strongly suspect they will be present in future versions.
Commiserations to all those who got infected yesterday. Congratulations, on the other hand, to the guy who won the Nokia 6680 while I was sat there! All I could manage was a few very poor polyphonic ringtones!
Ok, my stance on mobile viruses has been somewhat staunch having not encountered one and not knowing anyone else who has. News reports suggest that Cabir and other smartphone viruses aren't really out there in the wild. My view on that changed yesterday.
In the Nokia bubble at the O2 Wireless Festival 2005 yesterday my friends 6680 suddenly received a flood of incoming bluetooth requests from Maria. We were sitting taking bluetooth requests anyway from the Nokia Raw machine that was sending out free goodies, so they accepted the connection from Maria.
Immediately Cabir.sis was transferred to her inbox and attempted to install. I spotted it straight away of course and we prevented the installation, but the immediate desire of the program to run impressed me somewhat. However, we couldn't delete the .SIS straight away as once Maria's phone had found the 6680 it continued to send a flood of connection attempts making it impossible to do anything!
We switched the phone to Offline mode (it disables Bluetooth too, who knew!) and deleted the Cabir installer, but even after that the infected handset continued its connection attempts when the targeted handset was online again. We moved out of range of the Nokia bubble and all was well.
So, a close call! There definitely needs to be a message displayed when a .SIS is received over bluetooth to the effect of "A program file has been received via Bluetooth and is attempting to install. You should not install this program unless you specifically requested it."
Antivirus wouldn't have helped the flood of bluetooth connections, but it would have flagged the file as a virus. However, I think it's the Symbian operating system at fault here. Clearer warnings are obviously required and I strongly suspect they will be present in future versions.
Commiserations to all those who got infected yesterday. Congratulations, on the other hand, to the guy who won the Nokia 6680 while I was sat there! All I could manage was a few very poor polyphonic ringtones!