Great news, everyone! Your mobile phone may soon be helping some criminal scrote take down a Fortune 500 company!
PC owners have long been prey to virus writers and in recent years the cunning coders have been harnessing infected PCs to create ‘BotNets‘ - armies of enslaved PCs that can be used for criminal purposes without their owners ever suspecting a thing. Now, say security researchers at Georgia Tech, the current generation of smartphones are powerful enough to take over as the hacker’s botnet platform of choice.
All that processing power, twinned with an always-on internet connection, could see deial of service attacks or even coordinated password-cracking algorithms running in your inside pocket.
Don’t get too worries straight away - this is very much at the ‘well, it could happen’ stage, and certainly most mobiles are more locked down, app-wise, than the average WIndows PC but it is certainly food for thought.
It was only a matter of time before someone crafted an iPhone virus, or at least some form of malware attacking Apple’s handset. And now they have. To give it its proper name, it’s a “memory exhaustion remote denial of service vulnerability”, which is basically 19 lines of JavaScript that when coded into a website, crashes your iPhone.
Bummer, eh? While annoying, there are more serious implications - in theory, this hole could be used to do nasty stuff to your iPhone. In practice, that isn’t happening, and making a virus that’d actually do it is a different challenge entirely. It seems the exploit is present in the latest iPhone firmware, 1.1.3, despite having been discovered in the previous version.
For now, if you’re really worried about the bug, you can disable JavaScript in Safari on the iPhone.
(via Reg Hardware)
Security consultants Fortinet are reporting a new SymbianOS worm that seems to be spreading ‘in the wild’.
The worm, dubbed SymbOS/Beselo.A!worm is targeting S60 devices, including the Nokia 6600, 6630, 6680, 7610, N70 and N72.
The worm is spread by a .SIS file (an S60 program) disguised as an mp3, jpg or realmedia file that is downloaded or received via MMS. Once opened, the worm installs itself and starts trying to spread by sending a copy of itself via MMS to contacts from the infected phone’s addressbook.
Interestingly, the worm also randomly generates some numbers from a Chinese mobile network and tries to send itself to them as well.
Fortinet’s own anti-virus product will remove the infection (presumably other mobile antivirus companies will release updates to cover it as well - check with your vendor). The simplest way to check if you have been infected is to look for any unexplained MMS in your sent box.
