Security firm Fortinet has issued a warning regarding a worm currently doing the rounds aimed, rather unusually, at SymbianOS mobile phones. Unlike previous worms aimed at the handset OS this is actually in the wild rather than the lab, although it's still highly unlikely you'll come across it by accident. So far the company has only identified Symbian S60 as being prone to the infection.
The malware has been labelled SymbOS/Beselo.A!worm
and travels via multimedia messages sent from infected handsets to contacts harvested from the 'phone's memory. The file attached to the MMS is a Symbian Installation Source (SIS) installer package, but the worm uses a classic bait-n-switch technique, disguising it as a harmless media file like beauty.jpg
Unfortunately SymbianOS checks the header of a file to determine the content and doesn't rely on the file extension, which means that the installers will run even though they do not end in the traditional .sis extension.
In addition to spamming the heck out of your contacts list, Fortinet is reporting that the worm sends messages to automatically generated numbers too, all of which belong to the same Chinese mobile operator. The company says the reason for this is “still under investigation,
” but it would seem to point to the VXer being based in China and possibly having a grudge against the unnamed operator.
There's a pretty simple way to avoid infection, however. Despite Fortinet doing its best to hype up the infection in order to shift copies of its anti-virus solution for mobile phones, the company admits that when the message is opened “the phone issues a warning dialog saying "Application is untrusted and may have problems. Install only if you trust provider",
” which makes it unlikely anyone who actually still pays attention to the dialogue boxes on their equipment will fall for the scam.
Still, this latest spread at least underlines the point that it's not just Windows users who need to take care out there.
Any SymbianOS users out there received any dodgy messages, or do you keep your phone in a lead-lined box just in case? Let us know over in the forums