Cardtrp mobile phone virus can spread to PCs

Posted on 22 Sep 2005 at 15:37

Security companies have discovered a new type of mobile phone virus that can also infect desktop computers.

Under the name CARDTRP.A, the new virus appears to be very much a proof of concept affair. Real-world infections have yet to be sighted, and the virus components are themselves 'unremarkable' according to F-Secure.

The virus arrives either through a Bluetooth wireless connection or by downloading it off the Web. It infects Symbian Series 60-based phones such as a number of Nokia devices, and overwrites system (sis) files with corrupted versions causing them to malfunction.

But it also copies a number of other viruses to the drive E, normally associated with the memory card. Once a user realises the phone is infected, however, the first response is likely to be to take the card to a computer in order to copy antivirus software or other utilities in order to restore the phone to working order.

Once in the memory slot of a desktop PC, though, the files - which includes a backdoor password stealing Trojan and a self-propagating worm - attempt to autorun. F-Secure notes that it is currently unaware of versions of Windows that allow autorun functions from a memory card, but with the caveat that it may be possible in certain circumstances.

Raimund Genes, President of Trend Micro European Operations, warned all users to remain vigilant. 'This attack is really a proof of concept and may be an indication of a new type of blended threat to come ... As mobile threats continue to evolve, it's likely that we will see further attacks similar to this, but utilizing more robust propagation techniques and therefore carrying a higher potential for infection.'

Author: Matt Whipp