0

The Fortinet threat response team has reported a new and malicious Symbian OS based worm that is currently actively infecting mobile phone networks. According to Fortinet, the worm comes packaged in disguise as a multimedia file with a name such as sex.mp3 or love.rm and enables it to easily con the average mobile phone user into installing the software onto their handsets. The SymbOS/Beselo.A!worm, as it has been none too snappily named, can exist on several different Symbian S60 enabled devices including popular Nokia 6600, 6630, 6680, 7610, N70 and N72 handsets.

Once installed, the worm gets to work harvesting every phone number contained in the handset address book and then starts to systematically target them with a viral MMS carrying a SIS-packed (Symbian Installation Source) version of the worm in order to spread itself. Of course, like all such malware the worm does more than just that. It also sends itself to other numbers which so far have all been found to reside in China. Fortinet is still investigating the purpose and nature of these calls.

Let's not get too carried away with this though, Fortinet admits that the prevalence of this mobile malware is "still low" and users can fairly easily check their message outboxes for unrecognised entries which would hint at infection if they are at all worried.

Of course, Fortinet would also argue that installing the FortiClient Mobile antivirus on the handset would automatically detect and remove the worm, but to be honest as long as you display a modicum of common sense and restraint as far as link clicking is concerned the danger of infection is pretty low. Then again, we all know how many people click links like they are training for some Olympic sport so maybe Fortinet has a point. The one thing that is not open to debate is that as mobile devices continue to advance technically, continue to become used as a transactional tool and continue to store ever increasing amounts of personal data so they will also become of increasing interest to the criminal fraternity.

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

1
Contributor
0
Replies
1
Views
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.