Phone Worm Source Code Out, Expect More Threats

    Date30 Dec 2004
    CategoryHacks/Cracks
    10094
    Posted ByBrittany Day
    The source code for the most prevalent worm targeting mobile phones has been made public, a dangerous disclosure that may lead to more effective attacks. The source code for the most prevalent worm targeting mobile phones has been made public, security firms announced Wednesday, a dangerous disclosure that may lead to more effective attacks. Cabir, which first appeared in June, uses Bluetooth to infect smart phones running the Symbian operating system. Disguised as a security utility, Cabir itself doesn't do any permanent damage, but it has been used to deliver other malicious codes, such as the Skulls Trojan horse, to phones.


    The worm has been detected in several countries, including China, India, Turkey, the Philippines, and Finland, and spreads as people travel with infected phones. According to several anti-virus vendors, the source code for the Cabir worm is out and in the hands of those beyond the immediate circle of "29A," the Russian hacker gang thought responsible for originally creating the worm.

    "As far as we know, until now the Cabir source code was accessible only to a limited number of people, including members of 29A," said Alecks Gostev, a senior virus analyst at Kaspersky Labs in an e-mail. "We think it was planned to publish the source code in the next edition of the group's electronic journal. [But] it looks like someone has already got access to the code, and now it's public.

    "This will lead to a lot of new versions of Cabir," he added.

    U.K.-based Sophos had a different take on the Cabir source code. The code, which Sophos has spotted on a Brazilian hacker's Web site, is not from 29A, but that used to create Cabir.h. and Cabir.i, the two most recent variations. According to Sophos, the Brazilian claims to have written the worms from scratch, then posted his own source code.
    You are not authorised to post comments.

    LinuxSecurity Poll

    Which Linux distribution(s) do you use?

    Message!

    Poll results are hidden from public viewing.

    You are not authorized to vote on this poll.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 5 answer(s).
    /component/communitypolls/?task=poll.vote
    7
    radio
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.