In the wake of the T-Mobile Paris Hilton hack fiasco, another potential problem has surfaced to call into question the stability of mobile phone networks and security.
Born in the Philippines eight months ago, a “ring worm” virus has spread to the United States. Called “Cabir”, the virus’ most annoying feature is its ability to drain the battery of mobile phones. The mobile phone industry has 1.5 billion users worldwide — about 25% of the world’s total population. While the virus is not yet wide-spread — mobile phone viruses spread slowly because the phones have limited range, unlike computer viruses which get onto the internet and go wild — it could some day reach all of these users, according to the speculation of some groups. Found in about 15 different variations thus far, the virus has reached 12 countries.
Reportedly, the worm can also destroy files and call up expensive “900″ numbers (those still exist?). Bluetooth wireless technology allows the virus to spread. One expert in the field, however, urges people to stay calm. The New York Post reports:
Mikko Hypponen, who works at the Finnish anti-virus company that discovered the first “in the wild” version of the virus in America, offered users some relief. “This is not going to be the end of the world; the common Cabir variants have been proved to be very slow in spreading,” he said.
Security experts are predicting that with telephone technology improving so rapidly, virus scares once confined to cyberspace will soon expand to the cellphone world.
While the virus may move slowly, it remains to be seen what kind of panic this could potentially cause in the business world. As more and more deals are being consummated by the use of Blackberry technology, mobile phone calls, and text messaging, there could be serious information-leaking risks about top secret deals. While computer and intranet security is something that is generally top priority at places like law firms and securities brokerages — places where secret information exists by the gigabyte — mobile phone security experts do not yet exist in such numbers. Could mobile phones become the next front in the war against industrial espionage?
Whether the threat is real or simply an imagined, blown-out-of-proportion scare, mobile phone providers will need to do something to ensure customers that their products and services are secure and stable.
Nathan Novak at 2:48 pm
This is the first I’ve ever heard of Cabir destroying files or calling a 900 number. Where’d that information come from - certainly not from F-Secure (http://www.f-secure.com or http://www.f-secure.com/weblog ). I’d kind of like to know who made that claim & see if they can follow it up with facts. This is worse than the paranoia that spread about viruses infecting different Lexus models.
Comment by Barb — February 21, 2005 @ 3:06 pm
How can we protec our handsets from these so called attcks?
Any information would be appreciated.
Comment by Izarbod Beadlebrook — February 21, 2005 @ 3:13 pm
A virus drains the phone’s battery? You must be smoking the litium battery remains.
Comment by Bob McClure — February 21, 2005 @ 3:37 pm
As for Bob’s question about how a virus drains a phone battery, this seems fairly simple. A phone’s battery will drain faster based on how much “work” it is doing. For instance, my phone can last only about 16 hours in a “roam” zone, as it is constantly searching for a tower it can use, while it can go probably 72 hours without being recharged in a normal zone. I would imagine a virus could simply force the phone’s internal computer to work at a rapid pace, thus wasting battery power. (This is my own conjecture.)
Comment by Nathan J. Novak — February 21, 2005 @ 3:47 pm
Cabir spreads via Blutooth. The constant search for new victims drains the battery.
Comment by Jörg — February 21, 2005 @ 4:06 pm
As far as preventing the spread goes, simply turn off Blue tooth. It can’t spread if it doesn’t have a way to get in. Turning off blue tooth is also a good way to help make the battery last longer. Also, in order to drain the battery, Nathan is right. It’s probably an infinate loop, lust adding one, then subtracting every time, until the battery dies.
Comment by Taylor Wilson — February 21, 2005 @ 4:10 pm
Woops, Jorg beat me to it.
Comment by Taylor Wilson — February 21, 2005 @ 4:11 pm
Hey Bob McClure, you seem so eager to show off how smart you are when in fact you revealed your own glaring lack of knowledge. For a virus to drain a phone’s battery is a trivial matter - just run a process that never stops working, i.e. occupies all idle cycles of the phone’s processor. The processor will use more power. That’s really really basic hardware stuff - it annoys me how people arrogantly shoot their mouths off with incorrect statements about things they obviously know nothing about - if you don’t know anything about how computers (and yes modern phones are just computers) work, rather keep quiet.
What I’m curious about is what platform this virus is based on. Different phones use different processors, so either it’s specific to particular phone models, or it uses a virtual platform present on most phones, such as Java. The article doesn’t say.
Comment by David — February 21, 2005 @ 4:13 pm
wow i never new you could get mobile phone viruses
Comment by ? — February 21, 2005 @ 4:28 pm
Hey, it makes sense. But it seems that turning off Bluetooth when not in use will stop the spread of it, and, by turning off bluetooth, you are also saving a lot of battery life (both my SE and Nokia seem to get ~1/2 the battery life when BT is on the whole time). That said, if you use BT all the time….
Comment by Anonymous — February 21, 2005 @ 5:16 pm
You don’t have to turn off Bluetooth, just don’t accept any incoming files that come out of nowhere, or keep your Bluetooth connection hidden. But yes, turning off Bluetooth is the way to go for smartphone newbies.
On the other hand, Cabir only affects Symbian OS 60 series smartphones. It is, as Symantec puts it, an Symb.OS virus.
Find out more about it and other mobile threats on my mobile security blog: http://securemyphone.blogspot.com
Comment by Freak de Gadget — February 21, 2005 @ 11:22 pm
I CAN’T BELIEVE YOU CAN GET PHONE VIRUSES!!! I HOPE IT DOESN’T SPREAD WORLD-WIDE, IF MY PHONE GETS IT, I DONT KNOW WHAT I’LL DO!!!
Comment by KELSEY — February 22, 2005 @ 10:54 am