Palm OS rides to legitimacy on Trojan horse

In a perverse twist only a publicist could love, a recent Trojan horse that hit Palm Inc.’s Palm OS devices – the first known attack on a wireless device – is actually garnering the San Francisco vendor some respect.

“It almost, in a dark way, legitimizes them,” said industry analyst Dan McLean of IDC Canada in Toronto. “It means someone out there is saying there’s enough of these …to make it worth my while to wreak havoc.”

“The more popular the operating system is, the more likely it is that hackers will try to attack it,” agreed Eric Maurice, a spokesperson for Computer Associates in New York. “It’s kind of a tribute to (Palm’s) success, I guess.”

Whether or not Palm is pleased with the attention is another story. The Trojan horse that attacked the company’s PDAs was reportedly developed from an uninstall utility by a company employee in Sweden, before it was inadvertently released through a Palm developers’ chat room on the Internet.

The Trojan horse, classified by CA as Palm/Liberty.A.Trojan, poses as a crack for Palm’s Liberty GameBoy emulator. But when transferred to the Palm device via Hot Sync, the file actually searches and deletes all previously installed applications.

Despite the malicious intent of the file, CA’s Maurice said his company has classified the threat of the Liberty horse as mild.

If victimized, Palm OS users can easily enable a desktop override to reinstall lost applications on their Palm device as well as delete the Liberty.A.Trojan file, Maurice explained. Both CA’s InnoculateIT anti-virus software and Symantec’s Norton Anti-Virus software have also been updated to detect the Trojan horse on desktop PCs, to prevent downloading to Palm devices.

Though CA is currently working on an anti-virus software program specifically for Palm devices, Maurice said any future impact of viruses and Trojan horses on PDAs may be more annoying than devastating, unlike recent widespread attacks against networked PCs.

“One of the big reasons why viruses and Trojans are so much of a problem for PC (owners) is we don’t do back-ups very often,” Maurice said. “When you have a Palm Pilot or another PDA, you tend to do a back-up at least once a day. That makes the effects of an attack milder than you would experience on a PC.”

Maurice also suggested the majority of hacker attacks would probably remain confined to computers with Windows operating systems, as long as the software remains as ubiquitous as it is.

McLean, however, speculated that attacks on wireless devices may increase, as hackers begin to see the handheld boom as an opportunity to attack network accessible devices rather than solitary PDAs.