-
June 15th, 2004, 02:30 PM
#1
proof-of-concept worm
There has been discussion about this in the past, but here it is, a proof-of-concept worm that targets Nokia Series 60 phones or any Bluetooth-enabled device.
EPOC.Cabir is a proof-of-concept worm that replicates on Nokia Series 60 phones. It repeatedly sends itself to the first Bluetooth-enabled device that it can find, regardless of the type of device (ie even a Bluetooth-enabled printer will be attacked if it is within range).
The worm spreads as a .SIS file, which is automatically installed into the "APPS" directory when the receiver accepts the transmission. Upon execution, it will display a message then copy itself to a directory that is not visible by default. The worm runs from this directory whenever the phone is rebooted, so it continues to work even if the files are deleted from the APPS directory.
Once the worm is running, it will constantly search for Bluetooth-enabled devices, and send itself to the first device that it finds. There is no payload, apart from the vastly shortened battery life caused by the constant scanning for Bluetooth-enabled devices.
Full Write-up
Cheers:
-
June 15th, 2004, 02:59 PM
#2
Damn. What's next? Firewalls and anti-virus for your mobile?
Oliver's Law:
Experience is something you don't get until just after you need it.
-
June 15th, 2004, 03:16 PM
#3
Originally posted here by SirDice
Damn. What's next? Firewalls and anti-virus for your mobile?
A couple of years ago people said the same about PC's..
Firewalls are only for large corporations etc..
So, I'd bet on it and will invest in the first person to make an AV for mobiles
ASCII stupid question, get a stupid ANSI.
When in Russia, pet a PETSCII.
Get your ass over to SLAYRadio the best station for C64 Remixes !
-
June 15th, 2004, 03:19 PM
#4
Banned
-
June 15th, 2004, 03:20 PM
#5
Oliver's Law:
Experience is something you don't get until just after you need it.
-
June 15th, 2004, 04:32 PM
#6
There is already antivirus available for some mobile devices.
There is no automatic update though. You have to manually do it by loading the updated database. I have bitdefender on my palmpilot which is also bluetooth enabled. I have it configured so you can't discover it nor connect to it. Even with those settings, I'm able to remotely surf the internet or sync via bluetooth. Trusted devices are allowed to access it, but I have to manuall add them by "pairing" the two devices. (initiate pairing and use the same passcode on both devices)
I kind of figured that we would see this type of worm/virus sooner or later.
It is just the next step...
With more and more devices having wireless (802.1x or bluetooth), I'd expect to see more of this.
Despite the risks... I'd still buy phones and devices that function as all in one devices. My palm pilot (T3) is something that I rely on daily. Can I live without it? Sure... Do I want to? No way!
SirDice: There are a couple of companies that provide "mobile av"...
http://www.bitdefender.com/bd/site/d...php?menu_id=21
Bitdefender has free av for both the Windows CE and Palm Pilot platforms.
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
June 16th, 2004, 10:59 AM
#7
I don't own a PDA (yet) so I haven't looked at it but thanks for the link
Do you know of AVs for mobile phones? These seem to have more and more capabilities so I guess it's just a matter of time (this POC proved it already)
Oliver's Law:
Experience is something you don't get until just after you need it.
-
June 16th, 2004, 12:27 PM
#8
Not that I'm aware of... unless they are running the Windows CE or Palm platform...
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
June 16th, 2004, 03:26 PM
#9
blue tooth has a very limited range, and my 2 devices beep when something tries to connect. It then has to have my pin number in order to be copied or I have to over ride the security. This proof of concept is the basis of how blue tooth works. Any device on the market will do the same thing? The key word in the article is the reciever must "accept" the connection. The thing that makes this different I guess, is the file repeatedly tries to find other bluetooth devices. And copy itself. Which would play havac on printers, as they are always turned on. In reality though, no one walks around with their blue tooth transmitter turned on. Your cell phone and PDA wouldn't last very long. Unless you are playing around for some signals. In addition, your own device can be made "undiscoverable" meaning it won't respond to connection requests. Even if a phone is left on, every product I have seen times out after a period of no activity, because it sucks batt. power. The phone is basically running two transmitters and recievers at the same time. Just adding what I know, I understand this is a proof of concept and I also believe there will eventually be some kind of firwall device on the phone. Right now though bluetooth is exciting to learn.
West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.
-
June 16th, 2004, 03:31 PM
#10
Heh heh, I haven't had a cell phone for a few months now because of trying to cut down on bills. And you know what? My life has somehow managed to go on without a hitch!
Seriously though, this is very interesting stuff. What's next?
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|