Experts have predicted that more viruses targeted at mobile phones and PDAs will emerge in 2005.
There will also be a change in the way that viruses are spread, they say, with an increase in the number of viruses that spread wirelessly between devices, including viruses that can exploit the wireless capabilities of laptops.
David Emm, a senior technology consultant at antivirus company Kaspersky Labs, expects that virus writers will increasingly target mobile phones.
"I expect to see more mobile threats -- threats aimed at PDAs, threats aimed at smartphones -- than we have seen this year," said Emm. "Cabir was the first to attack smartphones, I expect that target will become more and more attractive to malicious code writers."
Security firm Panda Software agrees that more mobile phone worms are likely.
"One of the real surprises of 2004 was the appearance of Cabir, the first worm that affected cell phones," said a Panda Software spokesman. "There's no doubt that this is an area of increasing interest for the creators of malware and it is likely that attacks on cell phones and other platforms will be consolidated with the appearance of new 'concept trials' such as Cabir or even more dangerous specimens."
The Cabir worm was discovered in June 2004 after a copy was sent to antivirus companies by the group that had created it, but was quickly determined to be a relatively harmless, proof-of-concept program. Last week it was discovered that that the source code for the Cabir virus has been posted on the Web, which has lead to concerns that we may soon see the virus in the wild.
The Cabir virus spreads itself to new devices by using the Bluetooth wireless short-range protocol, although it can be prevented by turning off a phone's 'discoverable' mode.
Mikko Hyppönen, the director of antivirus research at F-Secure, warned that vulnerabilities in Bluetooth and other wireless technologies could be exploited in the future, enabling devices to be infected even if the user is running a firewall, or has turned Bluetooth to hidden mode.
A Bluetooth security vulnerability discovered in February last year allowed mobile phone users' contact books to be stolen, but was said to be unlikely to affect other Bluetooth devices, such as laptops. In August, a vulnerability was found in the WIDCOMM Bluetooth Connectivity Software which could be exploited by to compromise a user's system.
Hyppönen believes that Bluetooth-enabled laptops are likely to be targeted in future virus attacks. Laptops that have Wi-Fi capabilities are also a likely target, he said.
"If you buy a laptop today it has built-in WLAN and Bluetooth capability, while two years ago this wasn't the case," said Hyppönen. "Computers are listening to radio traffic all the time. Even though you can safeguard a WLAN with a firewall and can turn Bluetooth to hidden mode, if you have weakness in a WLAN or Bluetooth driver the weakness can be exploited."
Hyppönen said a firewall will not protect a wireless network if there is a flaw in the WLAN driver, as the firewall must obtain the traffic before it can inspect it, so a weakness in the WLAN driver can be exploited before it even reaches the firewall. A wireless virus could mean that even if a company blocks viruses coming in over the Internet, it could pick up the virus if an infected wireless device was brought into the office, said Hyppönen.
Viruses that infect laptops wirelessly are likely to become a serious issue. "This could become one of the big issues, if not in 2005, in the future," said Hyppönen.
F-secure is building a radio-proof lab so that it can test and isolate these viruses, according to Hyppönen.
Talkback
hi. i was walking down victoria stret in london on saturday 29th jan 05 and i got a ''bluetooth message'' file received entitled ''sanus.exe'' i discarded the file and it came up again and again over and over again until i had to turn of the phone. When turning it back on i managed to turn the bluetooth feature off and i have not had any problems since. One week later, my father had the same sort of message called ''cabir.exe'' but he accepted it. He installed it in the application folder and now continuously sends the messeage to other phones. I have recently deleted it from the phone's applications folder and turned the phone's bluetooth off but it still sends the message to other phones even though the phones bluetooth is off!! when the phone is switched on it comes up with a message 'cabir.exe'' and you only have the option of selecting OK. How do i get it off his phone????
We've had an infection of cabir.exe hit our offices in Lewes this weekend.
Affected 3 or 4 phones.
hey theres a new virus called fuyuan.sis that is automatically transfered to your mobile phone by by bluetooth. it drains down your battery and will automatically send to any other mobile with bluetooth turned on, on the phone. i think that it is only passed on with nokias.