Security software companies said a new attack program appeared, likely to pose a wider threat to the Cabir worm. This Trojan, called CommWarrior, is described as a virus, aimed at Nokia Series 60 devices running the Symbian operating system.
F-Secure, SimWorks International and a number of other security vendors said CommWarrior was spread by sending messages over Bluetooth wireless connectivity and MMS messaging. This is a new feature compared to the Cabir virus, which only spreads via Bluetooth.
CommWarrior seeks to penetrate phone directory software in Nokia devices. Each time, it selects any one directory and sends a copy to that phone number. This Trojan can be sent to any computer or wireless device running Symbian OS. As with Cabir, the user can accept or deny the CommWarrior download. Thus, the Trojan uses up to 20 different message content to trick the message recipient into opening the file containing it, including messages disguised as legitimate software upgrades from Symbian or pretending to be images. erotic.
MMS (Multimedia Message Service), mobile technology sends text messages with images and sound, is integrated in devices of many brands such as Ericsson, Motorola ... However, CommWarrior attacked Nokia Series 60 phones. Because MMS allows the sending of messages worldwide, the virus can be used to reach far more than Bluetooth, especially to easily forward messages. "The fastest spread of the Cabir worm is at the very top of the airplane," said Mikko Hypponen, research director at F-Secure, said. "The MMS virus, however, is much more powerful and can be as close to e-mail worms as Bagle, Mydoom, Sobig ... A MMS-based attack can travel the world in just a few hours."
Hypponen has so far detected two variants of CommWarrior, inside a file containing a Trojan that hides some text in Russian, evidence that the Trojan may originate from here. An individual who claims to be the author of CommWarrior and downloads the program through his own website but does not provide any further information.
Since there are not many infected users, experts say that CommWarrior can not be spread to a large number of devices. Another reason is that CommWarrior also sends files to fixed line phones because it can not distinguish between fixed and mobile phone numbers.
