Proof of concept worm for handheld devices
The first worm that spreads through handheld devices, like mobile phones, was observed in June 2004. The program, called Cabir, is a "proof of concept" program without malicious code.
For several years there has been speculation about when (not if) malicious code attacking mobile devices would appear. As the technology used in such devices has become increasingly more advanced, it was only a question of time before someone was able to and took the time needed to create a program that aimed to attack such devices.
In the middle of June 2004 a program called Cabir, was observed. This program seems to have been created mostly to show that it is possible to make malware spreading through mobile devices.
Spreading ability
Cabir spreads through mobile devices using the operating system Symbian. Examples of devices using this OS are some mobile phones from e.g. Sony Ericsson, Nokia and Siemens.
Cabir's spreading ability is limited, among other due to the following reasons:
- it uses a technology called Bluetooth to spread. This technology's transmission rate is approximately 10 meters.
- other Bluetooth devices have to accept the incoming message and install the malicious file.
- Bluetooth communication is most often not enabled by default.
In sum, this restrictions would restrict malware using the same technique severely.
Expectations
Cabir and malicious programs using the same technique are at the moment hardly a serious threat, in Norman's view.
However, as the technology present in mobile devices continue to evolve, vendors of the devices, as well as users, should be quite aware that there are security issues to observe.
