NEWS FROM THE LAB - Friday, August 22, 2008

An Unexpected Demonstration of Mobile Security Posted by Sean @ 19:36 GMT

Encountering a mobile phone worm "in the wild" has never been a common event. But even less common must be encountering one in the wild while you're giving a presentation on mobile phone security.

Erkki Mustonen (Eki) is a Technical Service Manager here at F-Secure. He's very knowledgeable and frequently handles requests for comment from Finnish journalists regarding AV technologies.

Earlier this week Eki was visiting a customer's premises and was giving a presentation to approximately twenty people. As he was discussing the topic of mobile malware, a quite unexpected demonstration took place. Some of the phones within the room started to flicker simultaneously. Very soon it was determined that connection attempts were being made from a phone located somewhere nearby (but not in the room itself).

What was the source of the commotion? It was Commwarrior.B sending a copy of itself to open Bluetooth connections. Three years old and the worm is still kicking around.

The customer's phones were all Symbian S60 3rd Edition phones with F-Secure Mobile Security installed. So there were no infections and no problems. Commwarrior.B will not install on a S60 3rd Edition phone. Regardless, it wasn't even given the chance.

And the nearby S60 2nd Edition phone with the Commwarrior.B infection? Eki thinks that the phone's owner really should consider installing a security solution…

Here are some screenshots from Eki's Nokia E61i: