More virus problems!

[stubeeef]

Link

SAN FRANCISCO (Reuters) - The world's first mobile phone virus "in the wild" has spread to the United States from its birthplace in the Philippines eight months ago, a security research firm said on Friday.

Crap!

 

[tech4all]

How would one manage to obtain a virus on their cell phone?

hehe, now we're going to have to start scanning our cell phones for viruses

 

[mkrishnan]

Okay, all us Americans, brace yourselves!!!! Go to your phone's BT pane and make sure, one more time, that it's set to hidden mode.

 

[Mechcozmo]

How would one manage to obtain a virus on their cell phone?

hehe, now we're going to have to start scanning our cell phones for viruses

Cell phones run an operating system. Linux derivatives or the like. They have security holes, too.

 

[Jaffa Cake]

From the article...

The store owner's phone had also been infected, Hypponen said. Both devices were Nokia.

This in the same week Nokia announce a tie-in with Microsoft... surely this can't be a coincidence?

 

[tech4all]

Cell phones run an operating system. Linux derivatives or the like. They have security holes, too.

But how would the virus get into the phone's OS?

 

[mkrishnan]

But how would the virus get into the phone's OS?

This virus' vector is Bluetooth. It installs itself, and then looks for other discoverable phones, to which it also installs itself. It's a security flaw in the way BT is implemented on the phones....

 

[Mechcozmo]

But how would the virus get into the phone's OS?

If the phone is used on the internet with a stripped down web browser... if the phone is connected to a computer..... (computer virus that spreads to phones. That is scary!)....BT....

Lots of ways. Just need to find them.

 

[dotdotdot]

Thats why we should all be using Apple Cell Phones!

 

[virividox]

DOH

 

[Lacero]

Nice to see cell phone developers learning from the maladies from the PC industry and creating rock solid cellphone OSes.

 

[MongoTheGeek]

just wait until someone finds a buffer overflow vulnerability in SMS or the like.

 

[andysmith]

This doesn't really take advantage of an exploit - when the .sis installation file is recieved (the user must first accept connection from a remote device), you have to install the file - which has two warnings about installing untrusted software.

 

[bankshot]

Not too surprising. I recall reading in the last few weeks that some brand of luxury car (Lexus??) was susceptible to getting a virus in the DVD navigation system. Again, the propagation vector was through bluetooth, getting in via a mobile phone within range. Just think what could happen if that virus could attack other computerized systems in the car!

Much like Microsoft, this is yet another example of adding features without much thought towards security. Sure, bluetooth is cool to have in your car's navigation system, but did anyone think about the security implications? Probably not.

 

[mkrishnan]

This doesn't really take advantage of an exploit - when the .sis installation file is recieved (the user must first accept connection from a remote device), you have to install the file - which has two warnings about installing untrusted software.

Wow, thank you. I didn't know that, and then after you wrote this, I confirmed. Now I'm hugely relieved. I thought it was an exploit, and did automatically install itself. Especially since I know the virus by name, why on earth am I going to install an unrequested file transferred via BT?