mobilised - SymbianOS Worm On The Loose

Get Daily News

What Do YOU Want To Find On Mobilised?

	I want device Reviews & Specifications
	Can we have more Commentary & Interpretation?
	I'm looking for Vendor & Industry Analysis
	I need Advice & 'How To' Guides
	Just give us News - but make it FAST
	No! You still don't get It. None of the above

SymbianOS Worm On The Loose

Written by Adam Gosling

Tuesday, 22 January 2008

Security company Fortinet has warned mobile phone users of a new worm which targets SymbianOS powered devices. The malware requires authorisation from the user before it can install, but once it does the worm harvests numbers stored in the address book and to other random numbers on the same operator network.

The FortiGuardGlobal Security Research Team discovered the new SymbianOS Worm actively spreading on various mobile phone networks. Although circulation of the worm is currently still low, the FortiGuard Global Security Research Team are continuing to monitor the situation and will provide updates at www.fortiguardcenter.com.

The researcher has named the worm SymbOS/Beselo.A!worm as it runs on several Symbian S60 enabled devices including a number of Nokia phones. The Nokia 6600, 6630, 6680, 7610, N70 and N72 phones are confirmed targets, but the researcher says others may be vulnerable.

The worm spreads as an MMS message disguised as a multimedia file with an evocative name: either Beauty.jpg, Sex.mp3 or Love.rm. Rather than a naughty pic or video however, the file is actually a SIS-packed (Symbian Installation Source) version of the worm. However, because the Symbian operating system recognises files based on their contents and not their extensions, recipients will still be presented with an installation dialogue when they try to open the attachment.

Although users could be deceived by the extension the phone wont be, but users will still likely unknowingly approve and install the malicious software, warns Fortinet.

After an installation phase, the worm engages in a propagation routine using phone numbers located in the contact list of the device. In addition to harvesting these numbers the malware also sends itself to generated numbers as well. If the device is configured to save sent messages users will see unrecognised sent messages in their MMS outboxes.

So far those numbers are all located in China and belong to the same mobile phone operator. Some of those numbers have been verified to belong to actual customers, rather than being premium service numbers. The whys and hows of such a routine are still under investigation, says the security company.

For more information on SymbOS/Beselo.A!worm, visit here

Newer news items

WLAN Security Concerns Unfounded: 3Com -21/01/2008

Older news items

Lumension Integration For Enterprise Security -13/12/2007
Aussies Dunk, Drop and Throw Their Mobiles -04/12/2007
PayPal Gets Aussies To Pay Up -21/11/2007
Lightweight Phone Security Released To Aus -21/11/2007
New Trend For Mobile Device Security -06/11/2007

Tag This Now:

Get Daily News

Search