Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Worms Security Communications Entertainment Games

'Metal Gear' Symbian OS Trojan Disables Anti-Virus 197

Omniscientist writes "Just when you thought your Series 60 smartphones were safe, a trojan has surfaced with a two-pronged attack that also in turn disables any anti-virus protection available. Infosyncworld has news about a trojan masquerading itself as a port for the Metal Gear game that disables all anti-virus software on the phone and other necessary utilities like file managers. Also, it affects other phones nearby it via Bluetooth. This trojan has been dubbed 'Metal Gear.a,' quite aptly."
This discussion has been archived. No new comments can be posted.

'Metal Gear' Symbian OS Trojan Disables Anti-Virus

Comments Filter:
  • Oh Great.. (Score:5, Funny)

    by Renraku ( 518261 ) on Wednesday December 22, 2004 @01:16PM (#11160610) Homepage
    So now I need tin foil for my cell phone, too.

    Well, I don't really have a cell phone, but if I did..I'd need tin foil for it.
    • If tinfoil around the phone reduces its Bluetooth sensitivity, then yeah, a tinfoil hat just might help. And here I am with a 3660. Bluetooth and Symbian!

      As I've not used the BT capabilities at all, does anyone know if I have to activate the BT on the phone, or is it in some sort of listen mode by default? And if so, is there a way to disable it until I actually need to use it?
      • Re:Oh Great.. (Score:5, Informative)

        by snorklewacker ( 836663 ) on Wednesday December 22, 2004 @01:36PM (#11160876)
        Bluetooth is normally off by default. Even if it's on, it's going to prompt you multiple times if an unknown device tries to connect -- once to establish the connection, again to receive anything, then you have to explicitly open the attachment and go through yet another warning about installing software. Spreading via bluetooth is probably more effective via trusted paired devices. my gf and I have 6600's and we have them paired so we can share pictures more or less instantly. So if for some reason one of our phones got this worm, then it would transmit to the other phone pretty much silently -- still wouldn't auto-install though.

        In other words, if you have a brain, you're safe. Watch out for bluesnarf attacks though, which can read all your data off your phone if you have an older bluetooth stack.
        • Ah, much obliged for the info.

          On a related note, I need to get a Bluetooth USB dongle for my computer. Transferring things to my laptop over IR is so slow and always feels needlessly precarious.
        • In other words, if you have a brain, you're safe...

          We, the masses, have been doing just fine without one of those, thank you very much. We obviously welcome our virus writing overlords.

  • more! (Score:4, Funny)

    by Prophet of Nixon ( 842081 ) on Wednesday December 22, 2004 @01:17PM (#11160636)
    I just want an unstoppable cell-phone virus that permanently disables ringing... then I could cope with the things being about.
  • ..when the purple-stuffed webworm in the flap jaw space with the tuning fork does a RAW BLINK on hairi kairi ROCK!!!

    I NEED SCISSORS!

    61!!!
  • All I have to say (Score:2, Insightful)

    by tomstdenis ( 446163 )
    HAHAAHAHAHAHAHAHAHAHA

    This is what you get for making a phone "more than a phone".

    Well that and price gouging. For example, a "quad-band GSM" phone often cells for $300 more than the average dual-band. However, going quad-band is mostly a small change in terms of the radio/hardware as it's just off by 50Mhz [e.g. the SWR won't be that high]. ... so how do they justify the hike? Oh they add in Java, cameras, ring tones, etc... You want a toy? Buy a gameboy. A phone should be phone.

    Hahahahahahaha

    Tom
    • I concur :) My "very hot brick" phone is perfect.

      -Jesse
    • by timmyf2371 ( 586051 ) on Wednesday December 22, 2004 @01:31PM (#11160817)
      You want a calculator? Buy a calculator.
      You want a text editor? Buy a dedicated word processor.
      You want to watch DVDs or other media? Buy a DVD player.
      You want to send an e-mail? Buy a dedicated e-mailer.

      So, based upon your way of thinking I'm assuming your above post was made via a WebTV or similar dedicated Internet-only terminal, right?

      • Nonsense, very poor analogy. The basic phone is a ubiquitous device that everyone knows how to use, that should not need an instruction manual. The cellphone should be the highly portable incarnation. "Grownup" models, forsakes the "kiddie" crap and make it smaller or enlarges the battery, are needed too.

        I'm dreading the day when my four year old Motorola StarTAC dies.
    • This is what you get for making a phone "more than a phone".

      Reminds me of a story: Two years ago, the Sprint salesmean was trying to sell me the latest Sanyo. This kid (probably still in college), went on and on about the cool features of ringtones and web access. Then, he said, that I "...could even take a picture of someone with the phone and link that picture to that persons phone number". In short, everytime said person called me, their picture would pop up on my phone.

      I asked him "Instead of doin

    • Comment removed based on user account deletion
    • Were do you get your price information?

      I just picked up the motorola v551 quad band GSM with built in video capture and playback, Bluetooth, etc, etc.

      If I actually get the rebate I will have spent $50, if i don't I will have spent $100.

      If I bought it on the street it's $150.

      Where is the $300 more?? are they paying you to take the cheap phones now?
    • No. Although I currently use a no-feature cellphone, and am not interested in a camera-java-game phone, I still strongly disagree with you. Just because a current set of add-ons to the basic cell phone are stupid doesn't mean some add-ons wouldn't be useful.

      For example, I could see real use for things like PIM functionality backed by a remote server (PIM functionality alone is bad if the phone can die/break/be misplaced/stolen etc.), a couple gig of onboard flash data storage, speech to text to speech pr
      • I wasn't particularily interested in the camera / Java aspects of owning a phone, but I was insistent that I get Bluetooth on it so I could use it as a network gateway. I already owned a Tungsten T, so I had all the handheld computing power I needed in a comfortable form factor.

        Unfortunately, Bluetooth was only an option on multi-function phones. I ended up getting an S-E T637, which includes a camera, Java, etc. At least the phone's form factor is still small enough that it's not uncomfortable to wear

    • Comment removed based on user account deletion
  • there are some other worms too... i guess one of them puts the picture of skulls in place of all your icons. can any slashdotter put up a link to all the known mobile worms and viruses, plz...
  • I use a v66 dumbphone. It makes phone calls It stores phone numbers. It does voice dialing But I haven't figured that part out yet.
    • Amen. I have this five-year-old Sony with one incredible feature: it almost never drops phone calls. They'll have to pry it from my cold dead fingers before I give it up for one of these new toys!
  • by Zog The Undeniable ( 632031 ) on Wednesday December 22, 2004 @01:20PM (#11160673)
    So don't panic too much about the Bluetooth infection method. When something truly independent like Code Red can spread via Bluetooth, that's when people will start leaving their mobiles at home. Hang on, there's an idea...maybe I can sell it to rail passengers and restaurant customers and make $$$$?
  • But this isn't one of them.

    People laughed at me when Bluetooth was first announced. I said I didn't want my cell phone or PDA being frisked by other units as I walked around.

    I still refuse to carry any Bluetooth equipment. Who's laughing now?

    And, more importantly, how long until a crooked cop uses such a vulnerability to plant evidence on your PDA [typepad.com]?
    • by Anonymous Coward
      "People laughed at me when Bluetooth was first announced"

      I choose to steer clear of it due to its really idiotic name, anyway. It does not sound like high tech. It sounds like something you find in someone's mouth in the front row of a Willie Nelson concert.
    • Ermm.. or you can simply turn bluetooth off?
    • I am (Score:4, Insightful)

      by SuperKendall ( 25149 ) * on Wednesday December 22, 2004 @01:37PM (#11160892)
      Actually, I'm laughing pretty hard at the thought people don't know you can disable bluetooth on phones.

      I only turn mine on when I'm synching with something or using it as a data connection with my laptop.
    • > People laughed at me when Bluetooth was first announced.

      I'm still laughing at you. Why some geeks choose to remain ignorant is beyond me. If you don't want to use it, fine. I like using my ericsson bluetooth headset on my nokia phone thankyouverymuch. If a crooked cop wants to plant evidence, they can just drop a kilo into my trunk. Jesus.
      • You don't have to use the adjective 'crooked' in front of cop anymore. The word cop says that itself these days. If you need to denote a cop who is not crooked, you HAVE to say 'Honest' cop however. Otherwise it is assumed that they are crooked.
    • "They also laughed at Bozo the clown." -- Carl Sagan
  • There's going to be a day when all cell phones are running servers over wireless for p2p communications. When that day comes, walking past the wrong person will hose your phone.
  • Gah! The thought boggles the mind.
  • by JossiRossi ( 840900 ) on Wednesday December 22, 2004 @01:23PM (#11160721) Homepage
    "Oh look a Metal Gear Port.. horray downloading..."
    "Dude you're cell.. it's dying I think..."
    "Snake? SNAKE?! SSSSSNNNNAAAAAKKKKEEEEEE!!!!!!"
  • Communicator (Score:2, Insightful)

    by matmcfad ( 842760 )
    Does anyone ever think of hitting the off button on there bluetooth?
    • Re:Communicator (Score:4, Insightful)

      by Ironsides ( 739422 ) on Wednesday December 22, 2004 @01:36PM (#11160877) Homepage Journal
      When Latest windoze worm announced:
      Does anyone ever thing of hitting the off button on there cable/DSL modem?

      If you use it, you leave it on. If you don't use it, you may not even know it is there.
      • "When Latest windoze worm announced: Does anyone ever thing of hitting the off button on there cable/DSL modem?" Yeah. I've learned how to read the blinky light patterns to tell when malware is coming down the pipe. As soon as I see it in the queue, I hit the off button!
      • How is that viable? If you know you have a worm it's better to disable the network connection on your PC. Why disturb other devices on your network because of one infected device?

        Turning off bluetooth is a good idea if you know you're not gonna use it. Mod grandparent up.
        • What I mean by that is this:
          Lets say the latest windows worm has been released. I am not yet infected. I am not going to shut off my cable modem just because there is a worm on the internet that I have not contracted.

          As for turning off bluetooth if I'm not gonna use it. I highly doubt a lot of these people that aren't using bluetooth even know that they have bluetooth in their phones, much less what it is. And before saying anything about it being in the manual, How many people actually read the entire
      • Yes.. but if you run a service of some sort from home.. disconnecting isn't an option.
  • I fell asleep last night with the comfort of knowing that all Series 60 phone users were safe. In fact, I said a little prayer giving thanks for that. Tonight, I doubt I sleep at all, what with all the worrying I will do for those poor, poor series 60 phone owners.
  • Stop the press! (Score:3, Insightful)

    by sjofi ( 307114 ) on Wednesday December 22, 2004 @01:25PM (#11160762)
    You can install a program on your computer that does bad things. Also on your Symbian mobile phone if you really really want to and decide to discard multiple warning messages.
  • by GlueyPorchBoy ( 842759 ) on Wednesday December 22, 2004 @01:26PM (#11160768) Homepage Journal
    Any real fan of the series would be expecting a set-up, anyway.
  • What if someone were to find an exploit in a few cell phone OSes? Then find an exploit in the routing software/hardware of cell towers?

    Infect their own phone, that infects every cell tower it cells to, and that tower infects every cell phone it can see, etc.

    I'd make the payload somthing to either disable the ringer, or play some annoying loud-ass tone for hours.
  • I think I have this one on my web-enabled phone I'm using to get to Slashdot now. I see something odd happening to the icons in the cor $%$YT$%45#@544D3$ [end of line]
  • MG (Score:5, Funny)

    by justforaday ( 560408 ) on Wednesday December 22, 2004 @01:31PM (#11160822)
    I guess I should expect to see people staring at their phones going "Snake? SSSSNNNNAAAAAAKKKKEEEEEE!!!!"
  • go ngage! go ngage!
  • I'm getting around these problems, as I have done all I can to make my mobile phone very secure. You can see a photo of the modifications so far. [clara.net]
  • Makes me think that a Metal Gear Solid game would be a good idea for a phone, and the best part is that your service provider could bill you for each codec call you initiae to Meryl. And Revolver Ocelot could torture you by making you type an inane text message as quickly as possible using all capital letters and the words LOL and L8R.

    And of course let's not forget being able to sit on a bus and make every other passenger listen to Liquid scream "SNAAAAAKE! PREPARE TO DIE, MY BROTHEEEERRR!!!!"
  • by mark-t ( 151149 ) <markt AT nerdflat DOT com> on Wednesday December 22, 2004 @02:07PM (#11161198) Journal
    The most perfect crime isn't just one where you're not actually caught, it's one where nobody ever notices that the crime was committed in the first place. If you shut down the antivirus software, you leave a potentially very visible avenue that leads directly to the cause.

    That's why if I were to actually go about writing a virus, it would not actually disable any existing antivirus software at all, but would make suitable patches to the most common ones so that my virus would simply not be detected by it, thereby convincing most people into naively believing that their antivirus software is running as expected during what is actually the virus's dormancy period.

    Why nobody else has tried this is beyond me.

    Does the fact that I would even think of something like this make me a bad person?

    • Why nobody else has tried this is beyond me.


      Heh... how do you know they haven't?

  • by gelfling ( 6534 ) on Wednesday December 22, 2004 @02:13PM (#11161262) Homepage Journal
    So who has more free time on their hands - the people who play online games on their phones or the people who write viruses for people who play online games on their phones.

    I swear it's slackers like you that will lead to more ridiculous regulations.
  • Help! My phone slash mp3 player slash radio slash camera slash calculator slash agenda slash gaming device slash clock got a virus!
  • by kindbud ( 90044 ) on Wednesday December 22, 2004 @02:21PM (#11161345) Homepage
    Just when you thought your Series 60 smartphones were safe, a trojan has surfaced ... that disables all anti-virus software...

    If the things need anti-virus software, they were never safe to begin with.

  • Gee, phones with after-the-fact anti-virus software. Java. Custom games. Trojans posing as games. All because Symbian's the most popular OS for phones.

    I don't suppose there's a Limited User mode for a phone, is there? :-)
  • Seriously (Score:2, Insightful)

    For a bunch of self defined "nerds" people here sure have a problem with high tech phones. I guess they have never wanted to look something up on google in the car, or connect their laptop to the internet wirelessly, check their email, or take a picture of something funny or important.

    My nokia 6600 is awesome, gets great battery life, and reminds me when i am supposed to be places. Bluetooth lets me transfer information from my laptop to it, such as contact and calendar events.

    It has revolutionized the
  • What, if anything, does this story have to do with adding/decreasing the credence of the "security through obscurity" myth/theory?

    Is there something really valuable to be gained by hacking Symbian phones? Some financial motive that gets people motivated to hack. Or is it just an insecure OS easily hacked?

  • Where's my mobile firewall? 3G TCP/IP, BlueTooth, IR, serial... my "MiniMe" is wide open to any attacker who comes around.
  • Metal Gear Solid Worm? Like as opposed to a solid snake.

    And is there a Liquid Worm out there, lurking?

    (and no I am not a fanboy; those games *SUCK* big balls: I always though the solid and liquid snake names were some obscure Japanese fecal-matter reference).
  • Why couldn't they have taken the cool path and named it "FOXDIE"?

"Facts are stupid things." -- President Ronald Reagan (a blooper from his speeach at the '88 GOP convention)

Working...