proof-of-concept worm


DjM
June 15th, 2004, 03:30 PM
There has been discussion about this in the past, but here it is, a proof-of-concept worm that targets Nokia Series 60 phones or any Bluetooth-enabled device.

EPOC.Cabir is a proof-of-concept worm that replicates on Nokia Series 60 phones. It repeatedly sends itself to the first Bluetooth-enabled device that it can find, regardless of the type of device (ie even a Bluetooth-enabled printer will be attacked if it is within range).

The worm spreads as a .SIS file, which is automatically installed into the "APPS" directory when the receiver accepts the transmission. Upon execution, it will display a message then copy itself to a directory that is not visible by default. The worm runs from this directory whenever the phone is rebooted, so it continues to work even if the files are deleted from the APPS directory.

Once the worm is running, it will constantly search for Bluetooth-enabled devices, and send itself to the first device that it finds. There is no payload, apart from the vastly shortened battery life caused by the constant scanning for Bluetooth-enabled devices.

Full Write-up (http://securityresponse.symantec.com/avcenter/venc/data/epoc.cabir.html)

Cheers:

SirDice
June 15th, 2004, 03:59 PM
Damn. What's next? Firewalls and anti-virus for your mobile?

the_JinX
June 15th, 2004, 04:16 PM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=258746#post757981) by SirDice
Damn. What's next? Firewalls and anti-virus for your mobile?

A couple of years ago people said the same about PC's..
Firewalls are only for large corporations etc..

So, I'd bet on it and will invest in the first person to make an AV for mobiles ;)

madjag291
June 15th, 2004, 04:19 PM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=258746#post757995) by the_JinX
A couple of years ago people said the same about PC's..
Firewalls are only for large corporations etc..

So, I'd bet on it and will invest in the first person to make an AV for mobiles ;)

Or maybe we'll have people start pulling their heads out of their asses and using cell phones as phones not as walking PCs, stereos, organizers, and ass scratchers... I personally am sick of people with cell phones.

But that virus sounds cool despite what I just said, using Bluetooth to spread over cell phones is an awesome concept IMO. :D :D

SirDice
June 15th, 2004, 04:20 PM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=258746#post757995) by the_JinX
A couple of years ago people said the same about PC's..
Firewalls are only for large corporations etc..

So, I'd bet on it and will invest in the first person to make an AV for mobiles ;)

You'd think they learned from their mistakes :rolleyes:

Just in case, I'm gonna buy a sh*tload of shares from the first company that makes a mobile AV :D

phishphreek
June 15th, 2004, 05:32 PM
There is already antivirus available for some mobile devices.

There is no automatic update though. You have to manually do it by loading the updated database. I have bitdefender on my palmpilot which is also bluetooth enabled. I have it configured so you can't discover it nor connect to it. Even with those settings, I'm able to remotely surf the internet or sync via bluetooth. Trusted devices are allowed to access it, but I have to manually add them by "pairing" the two devices. (initiate pairing and use the same passcode on both devices)

I kind of figured that we would see this type of worm/virus sooner or later.

It is just the next step...

With more and more devices having wireless (802.1x or bluetooth), I'd expect to see more of this.

Despite the risks... I'd still buy phones and devices that function as all in one devices. My palm pilot (T3) is something that I rely on daily. Can I live without it? Sure... Do I want to? No way!

SirDice: There are a couple of companies that provide "mobile av"...
http://www.bitdefender.com/bd/site/downloads.php?menu_id=21

Bitdefender has free av for both the Windows CE and Palm Pilot platforms.

SirDice
June 16th, 2004, 11:59 AM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=258746#post758029) by phishphreek80
SirDice: There are a couple of companies that provide "mobile av"...
http://www.bitdefender.com/bd/site/downloads.php?menu_id=21

Bitdefender has free av for both the Windows CE and Palm Pilot platforms.

I don't own a PDA (yet) so I haven't looked at it but thanks for the link :)

Do you know of AVs for mobile phones? These seem to have more and more capabilities so I guess it's just a matter of time (this POC proved it already)

phishphreek
June 16th, 2004, 01:27 PM
Not that I'm aware of... unless they are running the Windows CE or Palm platform...

RoadClosed
June 16th, 2004, 04:26 PM
Bluetooth has a very limited range, and my 2 devices beep when something tries to connect. It then has to have my pin number in order to be copied or I have to override the security. This proof of concept is the basis of how Bluetooth works. Any device on the market will do the same thing? The key word in the article is the receiver must "accept" the connection. The thing that makes this different I guess, is the file repeatedly tries to find other Bluetooth devices. And copy itself. Which would play havoc on printers, as they are always turned on. In reality though, no one walks around with their Bluetooth transmitter turned on. Your cell phone and PDA wouldn't last very long. Unless you are playing around for some signals. In addition, your own device can be made "undiscoverable" meaning it won't respond to connection requests. Even if a phone is left on, every product I have seen times out after a period of no activity, because it sucks batt. power. The phone is basically running two transmitters and receivers at the same time. Just adding what I know, I understand this is a proof of concept and I also believe there will eventually be some kind of firewall device on the phone. Right now though Bluetooth is exciting to learn.

AngelicKnight
June 16th, 2004, 04:31 PM
Heh heh, I haven't had a cell phone for a few months now because of trying to cut down on bills. And you know what? My life has somehow managed to go on without a hitch! :D

Seriously though, this is very interesting stuff. What's next?

Noia
June 16th, 2004, 05:27 PM
hah!
Bluetooth is a seriously badly designed protocol, something along the lines of WiFi would be better, since it offers the ability to encrypt the data although, even that doesn't seem safe any more.

* hugs his Nokia 3330 (ie, Piece of crap) *

RoadClosed
June 16th, 2004, 05:47 PM
lol, like anything on the IT Planet there are many configurations of Bluetooth, from unlocking the door to securing it. Bluetooth does have encryption for payload. Encrypting the function to find other devices, defeats the purpose of sharing information with the masses. On the other hand, if one buys a keyboard or headset that is automatically encrypted and power output reduced that brings in classes. There are 3 types, with standard power output and ranges for each. Cell phones are on average of about 30 feet when the system is active. In Security Mode 3 of 3, the Bluetooth device will establish authentication measures before ever accepting a connection. In addition there are permanent and temporary keys that are 128 bit. Sure there are some weaknesses in Bluetooth just like in WEP but it's just not an open doorway, unless one goes out of the way to make it so, or blindly accepts link requests at random. But you will see the person or object making it in most cases.

DjM
June 16th, 2004, 06:00 PM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=258746#post758570) by RoadClosed
blindly accepts link requests.

You mean like users blindly clicking on e-mail attachments ;)

Cheers:

RoadClosed
June 16th, 2004, 06:10 PM
Yep

"HI, this is amazing.... click this file and world piece and love with drop into your life"

attach: Peace.exe

:D

Spyrus
June 16th, 2004, 09:36 PM
FYI Symantec also makes an antivirus program for handhelds, seems to be a pretty nifty program. You can read more about the corp edition at http://ses.symantec.com/products/products.cfm?productid=237

they also make a retail version which you can obviously get at a retail store ;)

souleman
June 16th, 2004, 11:51 PM
hummm... AV/firewall for cell phone. Now there is a way to make money. Especially with some of the more recent cellphones. And could probably be programmed in java knowing most phone makers..

Road> yeah you have to accept, but how many people know that? We can still exploit the masses and take their money before they realize it :)

RoadClosed
June 17th, 2004, 12:45 AM
lol... the thing is, what are you going to do? It's like hacking a calculator. :D

SirDice
June 17th, 2004, 02:55 PM
My calculator cannot phone some number but my phone can calculate ;-)

Seriously, what could you do when you infect a cellphone?
Is it possible to have it dial a number?
DoS a couple of faxes? (send an infinitely long black fax)
Upload another virus via UMTS/GPRS (Internet uplink)?
Read/forward/delete email?

I dunno. What are the possibilities?

the_JinX
June 17th, 2004, 03:15 PM
make the phone call your Zimbabwean registered 10 dollar a minute service
that'd be a cool get-rich-quick scheme...

hatebreed2000
June 17th, 2004, 03:38 PM
I am with Jinx on this one. I think we are still a couple years off from any real nefarious acts towards mobile phones but when these things do come into mainstream I think it will be just like nocuous spam. They will be as Jinx said "get rich quick" schemes, or something along those lines. I just hope there are people as we speak preparing for this inevitable situation.

BradNike
June 21st, 2004, 03:17 AM
As other users have asked, what exactly could such a virus do to you? I am unaware of the future implications of this proof-of-concept bug.