Virus writers have come up with a way to make their malicious software jump from a mobile phone to the PC. Security researchers on Thursday reported the first sightings of a new Trojan program, which masquerades as pirated software for mobile phones and attempts to infect PCs via the phone’s memory card.
Though the malware is not considered to be a significant risk to users, it marks the first time that researchers have seen an attack that tries to move beyond mobile phones said Mikko Hypponen, director of anti-virus research with F-Secure Corp. “From a more academic point of view it’s very interesting,” he said.
Trojan malware gets installed on a device by masquerading as some other type of software. In this case, the Trojan is appears to be a pirated version of a mobile phone game that users can download from the Web, Hypponen said.
Antivirus vendor Trend Micro Inc. rated the potential for infection from the Trojan, called Sybos/Cardtrap.A, as “low,” in a statement released Thursday.
The Trojan includes a variety of malicious programs, including a number of viruses that spread from phone to phone via Bluetooth or MMS (Multimedia Messaging Service). It can affect mobile devices running Symbian Ltd.’s Series 60 operating system, as well as Microsoft Corp.’s Windows operating system.
Symbian Series 60 software is used in handsets from a number of vendors, including Nokia Corp. and Siemens AG.
The Sybos/Cardtrap.A software attempts the jump to PCs by copying two Windows worms to the mobile phone’s memory card. A user who then inserts this card into a PC and clicks on one of the infected files will launch a worm that attempts to spread to other PCs on the network.
Mobile phone attacks have been on the rise, though not nearly as widespread and disruptive as PC worms and viruses. F-Secure estimates that 28 countries have now reported instances of the Cabir worm, which uses Bluetooth connections to spread between Symbian-based phones. Another Symbian worm, called Commwarrior, has been sighted in 19 countries, Hypponen said. Commwarrior can spread via Bluetooth or MMS messages.
Hypponen, whose company sells antivirus software for mobile phones, says that these mobile attacks are still in their infancy. But the security researcher expects more sophisticated attacks to follow, as was the case with PC viruses. “It took 15 years for the first moneymaking viruses to emerge for the PC,” he said. “On the mobile side, I’m sure it will happen. It just hasn’t happened yet.”