Help!
There is a virus in my mobile phone
- Taiwan based security firm Trend Micro discovered a Windows Mobile based virus Backdoor.Brador.A on August 5 last, which allows its client component to control an infected device. It can run potentially fatal programs or commands on the gadget.
- On July 17 last, well known anti-virus firm Symantec came across WinCE4.Duts, a worm aimed at Windows based Pocket PCs and Smartphones. A file-infecting worm, Duts replicates itself to reach other mobile devices that share the same platform.
- A mobile phone virus named SymbOS.Cabir was discovered by researchers at the Russian computer security firm Kaspersky Labs last June. This worm sends itself repeatedly to any approachable Bluetooth enabled devices.
These are the three latest instances of mobile devices coming under attack from viruses, hitherto known as tormentors of computer systems only. But then viruses are not at the mercy of computer systems for their survival and spread. These malicious pieces of code, written by some ingenious and maybe misguided programmers, can run on virtually any intelligent device, harm it, replicate themselves, and find new bases quickly like shrewd fugitives. All that they need is an environment where pre-written programs can be injected and executed with or without their owner’s consent. Mobile devices such as PDAs, PalmPilots and cellular phones perfectly fit the bill.
As the line of difference between mobile devices and computers is blurring at a fast pace, these gadgets are acquiring more and more technical capabilities and in turn, becoming less and less secure from outside threats. With increasing use of wireless technologies such as WAP and Bluetooth, growing adaptability of operating systems such as Windows CE and Symbian, and advent of embeddable programming languages like Java and .Net, mobile devices have acquired features considered unthinkable for communication gadgets and have become almost as easily programmable as computers. The power packed into the little machines is bound to make you thrilled but somewhere in the wild, the virus writers are smiling.
Stuttgart based company Xonio recently tested 23 mobile phone models from various manufacturers, with 13 turning up security problems. For four of the Bluetooth cell phones, it was even possible for a hacker to take complete control of the device and, unbeknown to the owner, do things like dialing any desired number.
Easy prey for hackers
What could be the intentions of possible hackers of mobile phones? Well, they might use them for financial gains, for spying related activities, to choke a network on behalf of a competitor, to steal your personal information or for sheer programming pleasure. Mobile networks are not monitored for viruses like Internet servers are. This makes mobiles easy prey for virus writers.
That these phones are directly attached to billing or credit systems makes them an appealing target for the virus writers. This might bring unexpected consequences for unsuspecting users. Just imagine your mobile being infected by a virus that allows a hacker to make international calls at your cost. Calls may also be made to phone services that charge for every call they receive. A few years ago, NTT DoCoMo sounded alarm bells when users of its mobile device i-Mode in Japan became the target of a virus that either made the handset automatically dial an emergency number, made a large volume of calls or crashed the device itself. Another virus made users of the same handset believe that they were playing a game when the virus actually made calls to a predefined number.
Spam, which is already responsible for some 80% of email traffic on the Internet, could be another reason for hackers to attack your phone, using your identity and address list to spread their message. The worldwide mobile network has already become larger than the Internet itself, which is tempting enough for hackers to intervene using technologies such as email, SMS or MMS. In June 2000, a virus named Timofonica bombarded subscribers of Spain’s Telefonica mobile network with SMS messages written in Spanish. The virus actually spread from computer systems to mobile devices and targeted phones using the European GSM mobile standard.
Increasing inter-connectivity among computers, handheld devices and mobile phones is making way for large, intelligent, multi-faceted networks. In such a scenario, a virus writer can find an entry-hole in one device or the other. Mobile devices can get virus infection from many sources such as downloaded games (as has already been proved by the Mosquitos virus), emails, third-party programs and the mobile network itself.
Increasing vulnerability
Until a few months ago, we were using mobile phones with closed operating systems that had a small number of passive, pre-built functions. They were limited-ability devices, like our television sets, and did just what they were programmed for. They lacked an environment to support executables and therefore restricted entry to viruses as well as to third-party functionality-enhancement programs. Things have changed now. Java and .Net enabled handsets running on smart, powerful operating systems such as Windows Mobile and Symbian are getting popular among feature-savvy users.
The Windows environment is traditionally known for attracting virus writers (more than 60 thousand Windows targeting viruses have already been detected), and the latest programming languages from Microsoft and Sun Microsystems have made it possible for users to run outside executables on their phones to enhance their features. Nokia, whose handsets were targeted by Cabir, the proof-of-concept virus, is among the early adopters of Java technology. Motorola has also demonstrated mobile phones fully enabled with the Java programming language. Not to be left behind, Microsoft has also started shipping its Smartphones, offering a convenient Windows-like environment on mobile devices that allows users to surf the Internet, use email and instant messaging as well as listen to music. The IT giant has also partnered with HP to create the HP iPAQ h6315, the first Windows Mobile-based Pocket PC Phone Edition device with integrated WiFi capabilities.
Sure, these are great gadgets that will revolutionise our mobile devices from being mere communication tools to super-charged, multi-utility, intelligent little workhorses having awesome computing power. But they have opened a world of possibilities for the destructive-minded, as proved by the hacking group 29A by creating a proof of concept WindowsCE.Duts virus. Ellen O’Gormon at Microsoft Mobile Security believes that even though the threat of viruses is real, they will be able to tackle it. He says, “Windows Mobile-based devices offer, through a combination of built-in functionality and third-party software and peripherals, security options similar to laptop PCs that include support for strong passwords, authentication and encryption. In addition, Windows Mobile-based devices also can take advantage of security technology inherent in other Microsoft products.”
Anti-virus for mobiles?
So, are we moving to days when we will need anti-virus software for our mobile phones and other handhelds? Yes, is the answer from companies like Symantec (known for its Norton Anti-virus Suite), McAfee and Kaspersky Labs. Any effective anti-virus strategy, though, has to involve four different components: the device itself, the mobile network, the Internet and the personal computers of users connected with mobile users via email, SMS or instant messaging. Security companies have sensed the market potential in this field.
McAfee (formerly Network Associates) is already selling its VirusScan Wireless product for handhelds based on the Palm, Epoc and WinCE operating systems and has announced the joint development of a key technological element for a compact anti-virus engine with Japanese mobile operator NTT DoCoMo. Swiss Internet service provider Telephoenix, New Zealand based SimWorks and Helsinki (Finland) based firm F-Secure are also working on mobile phone anti-virus technologies. AV software for WAP gateways is also under development.
The situation on the virus front, however, may not be alarming yet. The viruses discovered so far are not of the destructive type, and have mostly been created with the objective of exposing the security vulnerabilities of mobile devices. Microsoft and Nokia have discounted the possibility of a major virus outbreak in the near future. However, there is a simple question that we can probably ask them. Can we be sure that every virus writer will be as well intentioned as 29A?