lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
From: etomcat at freemail.hu (Feher Tamas)
Subject: Fw: This is your virus calling (the handy malware)

Date: Mon, 14 Jun 2004 22:02:55 +0400 (MSD)
Subject: Virus News: Viruses move to mobile phones
From: news@...persky.com

Virus News. Monday, June 14, 2004
***********************************

1. Viruses move to mobile phones
2. How to subscribe/unsubscribe
3. Security Rules

****

1. Viruses move to mobile phones

Kaspersky Labs detects Cabir, the first network worm for mobile phones

Kaspersky Labs, a leading information security software developer, has
detected Cabir, the first network worm which propagates via mobile
networks. It infects telephones running Symbian OS. So far, Cabir does
not seem to have caused any security incidents.

It seems that the worm was writtten by "Vallez". This pseudonym is 
used by 29a, an international group of virus writers. The group 
specialises in creating proof-of-concept viruses. Among the group's 
creations are Cap, the first macro virus to cause a global epidemic; 
Stream, the first virus for additional NTFS streams; Donut, the first virus 
for .NET and Rugrat, the first Win64 virus.

Preliminary analysis of the malicious code shows that that Cabir is
transmitted as an SIS file (Nokia Phone Game File), but the file is
disguised to be a Caribe Security Manager utility, part of the telephone
security software. If the infected file is launched, the telephone
screen will display the inscription "Caribe". The worm penetrates the
system and will then be activated each time the phone is started. Cabir
scans for all accessible phones using Bluetooth technology, and sends a
copy of itself to the first one found.

Analsysis of the worm's code has not so far detected any malicious
payload.

The worm is coded to run under Symbian OS, used in many Nokia
telephones. However, it is possible that Cabir will function on handsets
produced by other manufacturers.

****************

2. How to subscribe/unsubscribe

If you would like to subscribe to other Kaspersky Lab news blocks or
to unsubscribe from this news block, you can do so by visiting
http://www.kaspersky.com/subscribenow.html

If you experience any problems with this procedure, please contact us 
at: webmaster@...persky.com

3. Security Rules

To avert unsanctioned attempts to distribute false or forged email 
news messages under purportedly originating from Kaspersky Labs 
please note that real Kaspersky Labs news messages are sent only in 
plain text format and never include file attachments.

If you receive an email disregarding these strict guidelines, please do 
not open it, but rather forward it to Kaspersky Labs technical support 
(support@...persky.com) so its contents can be examined.

****

Best Regards,

Kaspersky Labs Threats Information Department

-----
10 Geroyev Panfilovtsev St.,
125363, Moscow, Russia
Telephone/Facsimile: +7 (095) 797 87 00
Web: http://www.kaspersky.com
Email: webmaster@...persky.com


Powered by blists - more mailing lists