Mabir.A

[alexander]

No this is not a spam message, Mabir.A is the second mobile phone virus that spreads by pretending to be a returned message from a friend.

"

The Mabir.A virus affects Symbian Series 60 phones and is sufficiently similar to the first mobile phone virus Cabit to make some experts think it has the same author. But rather than just relying on Bluetooth to spread Mabir.A uses incoming messages to spread, making it potentially more virulent. "The MMS spreading function of Mabir.A uses a new social engineering technique," said Jarno Niemela, a researcher at antivirus specialist F-Secure's laboratory.

 

"Instead of just reading all phone numbers from the local address book, the Mabir.A listens for any SMS or MMS messages that arrive to the phone. When a message arrives, Mabir.A sends itself as MMS message to the sending phone number, thus posing as a reply to whatever message was sent to the infected phone."

 

This ability to spread over long distances via popular messaging services in combination with other transmission techniques opens up the prospect for much wider outbreaks than if the virus relied on radio transmission alone.

 

While the virus can spread by Bluetooth there appears to be a flaw in the virus program. If an infected phone identifies another device on Bluetooth which then moves out of range the phone will try and reacquire the same device rather than looking for others.

"

 

People who write phone viruses have too much free time and nothing to do, so they inhale vigorously in an upward and outward motion somewhat convulsively ;)

[nemo]

People who write phone viruses have too much free time and nothing to do

Seems they have found something to do... I've heard a lot of attempts at psychological breakdowns of people who write malicious code over the years, but from what I can tell, for most it's similar to an exciting puzzle or a decent game of chess. I don't advocate sending a virus into the wild, but there is something to be said for the thought process of a person willing to examine code to the point of finding the flaw that allows malicious code to exist. As for the idiots who change a few lines of meaningless errata and call it their own: I reading about them in the morning paper - claiming to be l33t as they are hauled off to the courthouse by a cop who runs Windoze 95.

[alexander]

the problem is that new viruses are very rarely creative anymore, the old times, viruses used to be works of art, exploiting nev volnurabilities in crazy ways that take skills to use, however the new virus writers need only to take a good virus code base (take msblast) modify it a little bit, change ports, sequenses, events and the header, recompile it and release as a new virus...(as you said)

 

examining code is really not that difficult, there is a lot of information you can find online about things like buffer overflow and how you can exploit it, articles like that tend to discuss how exploitable code looks, where it can be exploited and how dangerous such an exploit can be. Although i do agree some people are genious with what finding the smallest flaws and exploiting them...