Spanish police have arrested a 28-year-old man and charged him with creating and distributing malware that infected an estimated 115,000 mobile phones, the French AFP news service has reported.
The unidentified defendant, who was arrested in Valencia after a seven-month investigation, allegedly created more than 20 variants of the Cabir and Commwarrior worms, which target mobile phones running the Symbian operating system and infect nearby devices via Bluetooth.
According to Sophos, the man embedded his fiance's name - Leslie - in the worms' source code. Rival security company F-Secure had previously pegged Cabir's creator as a member of the ‘29a’ hacker crew, and said his handle was ‘ValleZ’. Commwarrior's author, however, was thought to be a Russian who went by the nickname ‘Eldod0r’.
Ron O'Brien, a senior security analyst at Sophos, classified the worm as "proof-of-concept, if you will. They're out to prove that cell phones are not secure, that Bluetooth isn't secure." Neither does more than propagate.
"They're malicious only in the eye of the beholder," said O'Brien.
Commwarrior spreads via MMS (multimedia messaging service) by sending a message to other devices within Bluetooth range. If the recipient accepts the incoming message - which poses as a new game, ring tone, driver, or even Symbian update - his or her phone is infected.
Although most security vendors have predicted an increase in mobile malware, those forecasts have not panned out. "There isn't a common operating system," said O'Brien in explaining the low threat level posed by cell phone viruses and worms. "Phones are not like PCs in that they don't have a universal operating system. That makes [mobile] worms a much harder sell to hackers."