The title link leads to F-Secure description of the "comwarrior" S60 worm, which uses MMS as a spreading mechanism in addition to the bluetooth.
It was quite a surprise for me to find out that it was possible to send symbian installation packages (SIS-files) as MMS messages! Naturally this is not possible from UI using the built in applicaition. In this case the malware seems to do the sending itself and sending the sis file instead of the media file.
This could have been easily prevented on the network side by just double checking the file type of the file the mobile phone is trying to send.
As stated by F-Secure, the comwarrior is not going to spread widely nor it is going to be a threat to the mobile phones. However, it is an example that the writers of the malware try to find holes in all systems handling data to the mobile phones.
All of the mobile platforms have been relatively free of malware. Especially Symbian OS has been by its architecture very secure to the threats outside the phone. To keep it that way we have to make sure that in addition to the OS platform, the new services offered by the network take security into the account.
No comments:
Post a Comment