Bugs on the move: mobile viruses start to bite

Summer always brings out the bugs and this year was no exception as the first mobile viruses started to bite.

Summer always brings out the bugs and this year was no exception as the first mobile viruses started to bite.

Antony Savvas

The European mobile industry has been left reeling from a number of viruses which have been targeted at phones and personal digital assistants (PDAs). And if the industry cannot do something to reassure users, many companies will put off integrating wireless solutions to corporate networks.

The first mobile virus appeared at the beginning of this summer, and affected a small number of users in Spain. The "Timofonica" attack (a play on leading Spanish operator Telefonica, with "timo" meaning "scam" or "con-trick" in Spanish) received a lot of publicity because it followed hot on the heels of the I-Love-You virus which affected fixed networks.

It also received attention however, because of the publicity machine that has driven the widespread hype of wireless application protocol (Wap) phones and the advancing third generation (3G) technology, which are supposed to be the potent forces to form a data content industry for e-commerce.

There were similar characteristics to the I-Love-You virus, however. Both were designed to be spread using Microsoft Outlook e-mail address books, both were written in Microsoft Visual Basic Script, and both were designed to spread using the "brute force" technique of being continually sent.

The users targeted by Timofonica were mobile subscribers on the Movistar network. Unlike the I-Love-You virus though, the numbers affected were small because the Timofonica virus relied on being spread by SMS (Short Message Service) messages being sent from Outlook address books.

The person responsible for Timofonica started the contamination of the Movistar network by going through the operator's Internet mobile messaging gateway, and relied on the first victims having SMS addresses in their Outlook address books which could be used to spread the virus.

However, as most people send SMS messages from phone to phone, most don't bother to record other SMS addresses in their e-mail address books on their PCs, so Timofonicadidn't causeserious problems.

The technique, however, was quickly followed in Germany, where another attacker used the mobile Internet messaging gateways of at least six ISPs, including Lycos.de. It is not clear how many people were affected by the so-called "SMS-Flooder", but the attack also proved that mobile networks are the new sweet shop for hackers and their ilk.

The integration of mobile devices with corporate systems is currently supposed to be one of the most important moves for companies to finalise. But with the risk of a contaminated mobile device spreading a virus or some type of bug through the corporate firewall, there are bound to be concerns.

If the mobile operators fixed their systems to make sure such rogue code did not get onto their networks in the first place, there wouldn't be a problem, but companies will not want to rely on Internet service providers to do their job for them.

But while a strong corporate firewall with anti-virus software is now a must, new strains as yet unseen are bound to be spread, initially undetected.

This is particularly true considering the faster and higher bandwidth mobile technologies which will soon be arriving in the form of GPRS this year and 3G UMTS (Universal Mobile Telephone System) to follow. This technology will allow mobiles and PDAs to easily receive and re-distribute e-mail attachments, presentations, and video clips, which can all, of course, act as Trojan horses for viruses when passing through company firewalls.

And with PDAs, the threat was demonstrated last month by the Palm operating system being affected as a result of some users downloading bootleg games software from the Web. As most PDA users synchronise their devices with their PCs, the threat of spreading viruses is clear.

The mobile handset manufacturers rightly say that the recent attacks are not really viruses, and have so far not been harmful. In the case of Timofonica, the worst a user could receive was an offensive message about Telefonica, but no one knows where the situation will lead.

And even the manufacturers have suffered. In the most recent and third mobile phone attack, a range of Nokia phones were susceptible to a bug sent as part of an SMS message, which froze the keypad. To re-activate the phone, users simply had to take out the battery and put it back in, but logic isn't so apparent when you're in a hurry trying to run an office on the move.

Read more on IT risk management