How Cell-phone Viruses Work


Future cell-phone viruses may be as debilitating as computer viruses. See more cell phone pictures.

The first known cell-phone virus appeared in 2004 and didn't get very far. Cabir.A infected only a small number of Bluetooth-enabled phones and carried out no malicious action -- a group of malware developers created Cabir to prove it could be done. Their next step was to send it to anti-virus researchers, who began the process of developing a solution to a problem that promises to get a lot worse.

­ Cell-phone viruses are at the threshold of their effectiveness. At present, they can't spread very far and they don't do much damage, but the future might see cell-phone bugs that are as debilitating as computer viruses. In this article, we'll talk about how cell-phone viruses spread, what they can do and how you can protect your phone from current and future threats.

Cell-phone Virus Basics

A cell-phone virus is basically the same thing as a computer virus -- an unwanted executable file that "infects" a device and then copies itself to other devices. But whereas a computer virus or worm spreads through e-mail attachments and Internet downloads, a cell-phone virus or worm spreads via Internet downloads, MMS (multimedia messaging service) attachments and Bluetooth transfers. The most common type of cell-phone infection right now occurs when a cell phone downloads an infected file from a PC or the Internet, but phone-to-phone viruses are on the rise.

Current phone-to-phone viruses almost exclusively infect phones running the Symbian operating system. The large number of proprietary operating systems in the cell-phone world is one of the obstacles to mass infection. Cell-phone-virus writers have no Windows-level marketshare to target, so any virus will only affect a small percentage of phones.

Infected files usually show up disguised as applications like games, security patches, add-on functionalities and, of course, pornography and free stuff. Infected text messages sometimes steal the subject line from a message you've received from a friend, which of course increases the likelihood of your opening it -- but opening the message isn't enough to get infected. You have to choose to open the message attachment and agree to install the program, which is another obstacle to mass infection: To date, no reported phone-to-phone virus auto-installs. The installation obstacles and the methods of spreading limit the amount of damage the current generation of cell-phone virus can do.

How They Spread

Cell phones can catch viruses when they download an infected file.
Cell phones can catch viruses when they download an infected file.

Phones that can only make and receive calls are not at risk. Only smartphones with a Bluetooth connection and data capabilities can receive a cell-phone virus. These viruses spread primarily in three ways:

  • Internet downloads - The virus spreads the same way a traditional computer virus does. The user downloads an infected file to the phone by way of a PC or the phone's own Internet connection. This may include file-sharing downloads, applications available from add-on sites (such as ringtones or games) and false security patches posted on the Symbian Web site.
  • Bluetooth wireless connection - The virus spreads between phones by way of their Bluetooth connection. The user receives a virus via Bluetooth when the phone is in discoverable mode, meaning it can be seen by other Bluetooth-enabled phones. In this case, the virus spreads like an airborne illness. According to TechnologyReview.com, cell-phone-virus researchers at F-Secure's U.S. lab now conduct their studies in a bomb shelter so their research topics don't end up spreading to every Bluetooth-enabled phone in the vicinity.
  • Multimedia Messaging Service - The virus is an attachment to an MMS text message. As with computer viruses that arrive as e-mail attachments, the user must choose to open the attachment and then install it in order for the virus to infect the phone. Typically, a virus that spreads via MMS gets into the phone's contact list and sends itself to every phone number stored there.

In all of these transfer methods, the user has to agree at least once (and usually twice) to run the infected file. But cell-phone-virus writers get you to open and install their product the same way computer-virus writers do: The virus is typically disguised as a game, security patch or other desirable application.

The Commwarrior virus arrived on the scene in January 2005 and is the first cell-phone virus to effectively spread through an entire company via Bluetooth (see ComputerWorld.com: Phone virus spreads through Scandinavian company). It replicates by way of both Bluetooth and MMS. Once you receive and install the virus, it immediately starts looking for other Bluetooth phones in the vicinity to infect. At the same time, the virus sends infected MMS messages to every phone number in your address list. Commwarrior is probably one of the more effective viruses to date because it uses two methods to replicate itself.

So what does a virus like this do once it infects your phone?

The Damage Done

The first known cell-phone virus, Cabir, is entirely innocuous. All it does is sit in the phone and try to spread itself. Other cell-phone viruses, however, are not as harmless.

A virus might access and/or delete all of the contact information and calendar entries in your phone. It might send an infected MMS message to every number in your phone book -- and MMS messages typically cost money to send, so you're actually paying to send a virus to all of your friends, family members and business associates. On the worst-case-scenario end, it might delete or lock up certain phone applications or crash your phone completely so it's useless. Some reported viruses and their vital statistics are listed below.

As you can see from the above descriptions, cell-phone viruses have gotten a lot more harmful since the Cabir worm landed in the hands of researchers in 2004. But on the bright side, there are some steps you can take to protect your phone.

Protecting Your Phone

The best way to protect yourself from cell-phone viruses is the same way you protect yourself from computer viruses: Never open anything if you don't know what it is, haven't requested it or have any suspicions whatsoever that it's not what it claims to be. That said, even the most cautious person can still end up with an infected phone. Here are some steps you can take to decrease your chances of installing a virus:

  • Turn off Bluetooth discoverable mode. Set your phone to "hidden" so other phones can't detect it and send it the virus. You can do this on the Bluetooth options screen.
  • Check security updates to learn about filenames you should keep an eye out for. It's not fool-proof -- the Commwarrior program generates random names for the infected files it sends out, so users can't be warned not to open specific filenames -- but many viruses can be easily identified by the filenames they carry. Security sites with detailed virus information include: F-Secure, McAfee and  Symantec.
  • Some of these sites will send you e-mail updates with new virus information as it gets posted.
  • Install some type of security software on your phone. Numerous companies are developing security software for cell phones, some for free download, some for user purchase and some intended for cell-phone service providers. The software may simply detect and then remove the virus once it's received and installed, or it may protect your phone from getting certain viruses in the first place. Symbian has developed an anti-virus version of its operating system that only allows the phone's Bluetooth connection to accept secure files.

Although some in the cell-phone industry think the potential problem is overstated, most experts agree that cell-phone viruses are on the brink of their destructive power. Installing a "security patch" that ends up turning your phone into a useless piece of plastic is definitely something to be concerned about, but it could still get worse. Future possibilities include viruses that bug phones -- so someone can see every number you call and listen to your conversations -- and viruses that steal financial information, which would be a serious issue if smartphones end up being used as payment devices (see Bankrate.com: Paying by cell phone on the way). Ultimately, more connectivity means more exposure to viruses and faster spreading of infection. As smartphones become more common and more complex, so will the viruses that target them.

For more information on cell-phone viruses and related topics, check out the links on the next page.

Related HowStuffWorks Articles

More Great Links

Sources

  • "Cell-Phone Viruses." TechnologyReview.com.http://www.technologyreview.com/articles/05/05/issue/feature_emerging.asp?p=9
  • "Cell phone virus turns up the heat." News.com.http://news.com.com/Cell+phone+virus+turns+up+the+heat/2100-7349_3-5520003.html
  • "Clock's ticking on phone virus outbreak, experts say." News.com.http://news.com.com/Clocks+ticking+on+phone+virus+outbreak%2C+experts+say/2100-7349_3-5756428.html?tag=mainstry
  • "First cell phone worm emerges." NewScientist.com.http://www.newscientist.com/article.ns?id=dn5111
  • F-Secure
  • "The Future of Cell Phone Viruses." BonafideReviews.com.http://www.bonafidereviews.com/article.php?id=93
  • "New mobile virus ups the ante." SearchSecurity.com.http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1076338,00.html http://www.f-secure.com/
  • "Phone virus spreads through Scandinavian company." ComputerWorld.com.http://www.computerworld.com/securitytopics/security/virus/story/0,10801,104300,00.html
  • Symantec Security Responsehttp://securityresponse.symantec.com/
  • "Threat From Mobile Device Viruses a Sleeping Giant." CRM News.com.http://www.crmbuyer.com/story/44222.html