Cell-phone viruses are at the threshold of their effectiveness. At present, they can't spread very far and they don't do much damage, but the future might see cell-phone bugs that are as debilitating as computer viruses. In this article, we'll talk about how cell-phone viruses spread, what they can do and how you can protect your phone from current and future threats.
Cell-phone viruses currently target Symbian Series 60 phones with Bluetooth and MMS capabilities, like this Nokia 6620.
Cell-phone Virus Basics
A cell-phone virus is basically the same thing as a computer virus -- an unwanted executable file that "infects" a device and then copies itself to other devices. But whereas a computer virus or worm spreads through e-mail attachments and Internet downloads, a cell-phone virus or worm spreads via Internet downloads, MMS (multimedia messaging service) attachments and Bluetooth transfers. The most common type of cell-phone infection right now occurs when a cell phone downloads an infected file from a PC or the Internet, but phone-to-phone viruses are on the rise.
Current phone-to-phone viruses almost exclusively infect phones running the Symbian operating system. The large number of proprietary operating systems in the cell-phone world is one of the obstacles to mass infection. Cell-phone-virus writers have no Windows-level marketshare to target, so any virus will only affect a small percentage of phones.
Infected files usually show up disguised as applications like games, security patches, add-on functionalities and, of course, pornography and free stuff. Infected text messages sometimes steal the subject line from a message you've received from a friend, which of course increases the likelihood of your opening it -- but opening the message isn't enough to get infected. You have to choose to open the message attachment and agree to install the program, which is another obstacle to mass infection: To date, no reported phone-to-phone virus auto-installs. The installation obstacles and the methods of spreading limit the amount of damage the current generation of cell-phone virus can do.
That Thing With Paris Hilton's Phone
Remember when someone got his hands on Paris Hilton's star-studded contact list? It was not the result of a virus, and nobody hacked into Hilton's phone.
Mobile phone servers hold on to certain types of information, such as contact lists (in case the user's phone locks up) and recent calls (for billing purposes). The enterprising hacker got into T-mobile's servers and stole the information from there.
How They Spread
Phones that can only make and receive calls are not at risk. Only smartphones with a Bluetooth connection and data capabilities can receive a cell-phone virus. These viruses spread primarily in three ways:
Internet downloads - The virus spreads the same way a traditional computer virus does. The user downloads an infected file to the phone by way of a PC or the phone's own Internet connection. This may include file-sharing downloads, applications available from add-on sites (such as ringtones or games) and false security patches posted on the Symbian Web site.
Bluetooth wireless connection - The virus spreads between phones by way of their Bluetooth connection. The user receives a virus via Bluetooth when the phone is in discoverable mode, meaning it can be seen by other Bluetooth-enabled phones. In this case, the virus spreads like an airborne illness. According to TechnologyReview.com, cell-phone-virus researchers at F-Secure's U.S. lab now conduct their studies in a bomb shelter so their research topics don't end up spreading to every Bluetooth-enabled phone in the vicinity.
Multimedia Messaging Service - The virus is an attachment to an MMS text message. As with computer viruses that arrive as e-mail attachments, the user must choose to open the attachment and then install it in order for the virus to infect the phone. Typically, a virus that spreads via MMS gets into the phone's contact list and sends itself to every phone number stored there.
In all of these transfer methods, the user has to agree at least once (and usually twice) to run the infected file. But cell-phone-virus writers get you to open and install their product the same way computer-virus writers do: The virus is typically disguised as a game, security patch or other desirable application.
The Commwarrior virus arrived on the scene in January 2005 and is the first cell-phone virus to effectively spread through an entire company via Bluetooth (see ComputerWorld.com: Phone virus spreads through Scandinavian company). It replicates by way of both Bluetooth and MMS. Once you receive and install the virus, it immediately starts looking for other Bluetooth phones in the vicinity to infect. At the same time, the virus sends infected MMS messages to every phone number in your address list. Commwarrior is probably one of the more effective viruses to date because it uses two methods to replicate itself.
So what does a virus like this do once it infects your phone?
The Damage Done
The first known cell-phone virus, Cabir, is entirely innocuous. All it does is sit in the phone and try to spread itself. Other cell-phone viruses, however, are not as harmless.
A virus might access and/or delete all of the contact information and calendar entries in your phone. It might send an infected MMS message to every number in your phone book -- and MMS messages typically cost money to send, so you're actually paying to send a virus to all of your friends, family members and business associates. On the worst-case-scenario end, it might delete or lock up certain phone applications or crash your phone completely so it's useless. Some reported viruses and their vital statistics are listed below.
Cell-phone Viruses
Skulls.AFirst reported: November 2004Attacks: various Symbian phonesSpreads via: Internet downloadHarm: disables all phone functions except sending/receiving callsMore information (including disinfection): http://www.f-secure.com/v-descs/skulls.shtml
Commwarrior.AFirst reported: January 2005Attacks: Symbian Series 60 phonesSpreads via: Bluetooth and MMSHarm: sends out expensive MMS messages to everyone in phonebook (in course of MMS replication)More information (including disinfection): http://www.f-secure.com/v-descs/commwarrior.shtml
Locknut.BFirst reported: March 2005Attacks: Symbian Series 60 phonesSpreads via: Internet download (disguised as patch for Symbian Series 60 phones)Harm: crashes system ROM; disables all phone functions; inserts other (inactive) malware into phoneMore information (including disinfection): http://www.f-secure.com/v-descs/locknut_b.shtml
Fontal.AFirst reported: April 2005Attacks: Symbian Series 60 phonesSpreads via: Internet downloadHarm: locks up phone in startup mode; disables phone entirelyMore information (including disinfection): http://www.f-secure.com/v-descs/fontal_a.shtml
Turn off Bluetooth discoverable mode. Set your phone to "hidden" so other phones can't detect it and send it the virus. You can do this on the Bluetooth options screen.
Check security updates to learn about filenames you should keep an eye out for. It's not fool-proof -- the Commwarrior program generates random names for the infected files it sends out, so users can't be warned not to open specific filenames -- but many viruses can be easily identified by the filenames they carry. Security sites with detailed virus information include:
F-Secure
McAfee
Symantec
Some of these sites will send you e-mail updates with new virus information as it gets posted.
Install some type of security software on your phone. Numerous companies are developing security software for cell phones, some for free download, some for user purchase and some intended for cell-phone service providers. The software may simply detect and then remove the virus once it's received and installed, or it may protect your phone from getting certain viruses in the first place. Symbian has developed an anti-virus version of its operating system that only allows the phone's Bluetooth connection to accept secure files.
Although some in the cell-phone industry think the potential problem is overstated, most experts agree that cell-phone viruses are on the brink of their destructive power. Installing a "security patch" that ends up turning your phone into a useless piece of plastic is definitely something to be concerned about, but it could still get worse. Future possibilities include viruses that bug phones -- so someone can see every number you call and listen to your conversations -- and viruses that steal financial information, which would be a serious issue if smartphones end up being used as payment devices (see Bankrate.com: Paying by cell phone on the way). Ultimately, more connectivity means more exposure to viruses and faster spreading of infection. As smartphones become more common and more complex, so will the viruses that target them.
For more information on cell-phone viruses and related topics, check out the links on the next page.