Cabir hits twelve countries

Cabir, the first Bluetooth mobile phone virus, since being spotted in the wild in late August has slowly spread into the wild in 12 countries, including the US and UK, showing that the new breed of viruses have much in common with their ancestors.

Antivirus companies warned last week that the worm, which spreads to phones that have Bluetooth enabled and run the Symbian Series 60 operating software, had been spotted in a California phone shop last week, the first known sighting in the US.

Finnish virus experts F-Secure Corp said Cabir has now also been spotted in the Philippines, Singapore, the United Arab Emirates, China, India, Finland, Vietnam, Turkey, Russia, the UK, and Italy.

Apparently the creation of 29A, the proof-of-concept virus-writing gang with decade-old notoriety, Cabir was sent to antivirus companies last June, and spotted in the wild in the Philippines in August.

The fact that it has taken six months to spread this far arguably marks the beginning of the wireless virus era, but also demonstrates a proximity-based infection mechanism that harks back to the propagation methods of early boot-sector viruses.

Because it uses Bluetooth, which has a short range, infected devices have to be physically close to vulnerable devices for Cabir to spread. For 12 countries to see infections, either the worm had to be seeded in multiple areas, or infected phones had to travel.

The highest-profile malware threats of the twenty-first century to date are the network worms. Slammer, Blaster, Code Red, the Warhol worms that get their 15 minutes of fame by spreading between thousands of machines around the world in mere minutes.

The most prolific types of malware have been the email worms. Melissa, Bagle, MyDoom. Like network worms, email worms can spread to a computer a thousand miles away as easily as they can infect the PC in the next room.

But because Cabir requires proximity, it has much in common with early viruses, which concealed themselves in the boot sectors of floppy disks and required disk swapping and to an extent software piracy, to spread.

The arrival of the wireless worm may give the antivirus companies new products and services to sell, but the speeds that they presently travel means they should be less problematic for users who have sensible antivirus practices.

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing