Security researchers yesterday reported the first sightings of a new Trojan program that masquerades as pirated software for mobile phones and attempts to infect PCs via the phone's memory card.
Though the malware is not thought to present a significant risk to users, it marks the first time that researchers have seen an attack that tries to move beyond mobile phones, according to Mikko Hypponen, director of antivirus research at F-Secure. "From a more academic point of view it's very interesting," he said.
Trojan malware gets installed on a device by masquerading as another type of software. In this case, the Trojan appears to be a pirated version of a mobile phone game that users can download from the web, Hypponen said.
Antivirus vendor Trend Micro rated the potential for infection by the Trojan, called Sybos/Cardtrap.A, as low, in a statement released yesterday.
The Trojan includes a variety of malicious programs, including a number of viruses that spread from phone to phone via Bluetooth or MMS (Multimedia Messaging Service). It can affect mobile devices running Symbian's Series 60 OS (operating system), as well as Microsoft's Windows mobile OS.
Symbian Series 60 software is used in handsets from a number of vendors, including Nokia and Siemens.
The Sybos/Cardtrap.A software attempts the jump to PCs by copying two Windows worms to the mobile phone's memory card. A user who then inserts this card into a PC and clicks on one of the infected files will launch a worm that attempts to spread to other PCs on the network.
Mobile phone attacks have been on the rise, although they are nowhere near as widespread and disruptive as PC worms and viruses. F-Secure estimates that 28 countries have reported instances of the Cabir worm, which uses Bluetooth connections to spread between Symbian-based phones. Another Symbian worm, called Commwarrior, has been sighted in 19 countries, Hypponen said. Commwarrior can spread via Bluetooth or MMS messages.
Hypponen, whose company sells antivirus software for mobile phones, says these mobile attacks are still in their infancy. But the security researcher expects more sophisticated attacks to follow, as was the case with PC viruses. "It took 15 years for the first moneymaking viruses to emerge for the PC," he said. "On the mobile side, I'm sure it will happen. It just hasn't happened yet."