A variant of the Cabir mobile virus, called Mabir, has been targeting mobile phones using the Symbian Series 60 operating system. Mabir is capable of spreading via Bluetooth or by a phone’s messaging service.
|Mobile Phones Targeted By Agressive Trojan|
While the Cabir virus proved mobile attacks can be quite effective, Mabir takes mobile viruses to next step by being more aggressive than its predecessor. Security experts at F-Secure indicate once a phone is infected with Mabir, it actively looks for methods with which to infect other phones.
According to their summary, Mabir will use a phone’s Bluetooth capabilities to find other phones it can infect. Once it has located such a device, Mabir sends infected files to it. F-Secure also reveals, “The SIS files that Mabir.A sends have always the same file name: caribe.sis.”
Not content to stop there, Mabir also waits for an infected phone to receive a MMS (multimedia) or SMS message. Once received, Mabir responds with an infected MMS message containing an info.sis file. Mabir’s MMS does not feature any text, just the virus installation file. If the tainted file is installed, the virus continues its attempts to propagate itself by infecting other phones.
For more information about Mabir and instructions on removal, visit F-Secure’s summary page.
An advisory issued by security company Secunia warns of a new vulnerability affecting Mozilla’s Firefox browser. Secunia rates the new Firefox security issue as “moderate”.
According to Secunia’s advisory
Successful exploitation may disclose sensitive information in memory.
In response to the newly discovered vulnerability, Secunia has developed a test in order to determine whether or not installed versions of Firefox are affected. Their advisory also reveals the security hole has been confirmed in Firefox versions 1.0.1 and 1.0.2.
Australian Car Dealership Fined For Mobile Phone Spam
An article by Sophos.com indicates a car dealership website based in Melbourne, Australia has been fined for spamming mobile phones. The site sent unwanted SMS text messages to numbers retrieved from newspaper advertisements.
According to the Sophos article:
The carsales.com.au website was given a AU $6500 fine by the Australian Communications Authority (ACA) for sending unsolicited commercial SMS messages in breach of the 2003 Spam Act, following complaints from the general public.
According to an ACA spokesperson, this is the first time an Australian company has been fined for sending spam messages to mobile phones.
The fine comes while messaging between mobile phones is becoming a preferred choice of spammers and malicious program developers. Oddly enough, the site’s privacy statement revealed the company’s intentions and their methods of collecting the names of their mailing list.
The privacy page also stated the company did not believe they were violating any conditions of current anti-spam legislation.