A version of the Cabir virus has turned up in two Nokia 6600s on display in a California mobile phone store, in what is believed to be the first "on-the-ground" sighting of the virus in the United States.
Just how the phones were infected isn't known, but it would have been very easy, given that both were on public display in the Santa Monica, California, shop's window. Anyone walking past the store could have dosed the handsets via Bluetooth. In announcing the infection, antivirus company F-Secure did not specify exactly when the infections were discovered.
Two sources familiar with the sighting said the phones in the window could have been spreading Cabir to passers-by; additional instances haven't been reported, however. A Nokia representative had no immediate comment.
Since its first sighting in June, the Cabir virus has morphed from a harmless concept to warn handset makers into much more malicious versions now found in a dozen countries, including Finland, where Nokia is based, the United Kingdom and Singapore. It's by far the most damaging of the small family of mobile phone viruses to date. F-Secure identified the US infections as Cabir.H and Cabir.I.
Cabir and the growing number of mobile phone viruses mainly target three mobile operating systems: Symbian, Windows Mobile and a third in use by NTT DoCoMo, one of the largest mobile phone operators in Japan. The malicious software has destroyed files, forced phones to dial premium-rate numbers or the emergency services.
While instances of infected phones are still extremely rare, each serves as a warning of the day when the threat of downloading a virus on a phone is as great as it is now on personal computers running Windows, said David Sym-Smith, a senior vice-president at Innopath, which recently began working to deliver a version of security specialist McAfee's software for handsets.
"No, these viruses are not crippling everybody," Sym-Smith said. "But there have been so many proofs of concepts, you're going to get copycats. So the industry is taking a heavier look right now."
The industry is scrambling as never before to put up adequate blockades. Security was a high priority in the latest release of the Symbian operating system. Microsoft has vowed to tighten up its overall security, while Japan's DoCoMo is among the first to create an antivirus program for its subscribers to use. Other carriers are expected to follow.
Talkback
As I've written on my mobile security blog, http://securemyphone.blogspot.com, F-Secure is not the only antivirus company concerned about mobile viruses. Symantec has a whole list of mobile viruses, along with removal instructions for each, and even Bullguard, a smaller antivirus player, has launched a mobile antivirus solution.
You do know that the user has to press two buttons to accept the worm, right? There is currently no known way to get a virus or worm onto these phones without user interaction.
http://www.f-secure.com/v-descs/cabir.shtml
Most people don't know what they're accepting. Probably that's how the virus has spread so far. Remember the days when people opened .pif files in emails, or even executables, when they were launching programes called dialer.exe? They just didn't know what they were opening. And it's almost the same now.
Not all smartphone users are actually smart phone users...
We need more blogs like the one in the first comment, to tell the world to STOP keeping those bluetooth connections discoverable and STOP accepting any files, just like they seem to finally do with mail nowadays.