RealTime IT News

Cabir Hits U.S.

Finnish antivirus firm F-Secure has detected the first U.S. variants of the Cabir virus, which infects cell phones using the Symbian operating system. The company said the variants, Cabir.H and Cabir.I, were discovered in Santa Monica, Calif.

The original virus, Cabir.A, has been spreading in the wild throughout Europe and Asia since June after its writer posted variants on a Web page. It was capable of spreading from mobile phone to mobile phone, but only with each reboot, which effectively limited the possibility of causing a widespread outbreak.

But subsequent variants, including the most recent documentation in California, are not subject to reboot restrictions and may spread to as many phones that are within range, according to F-Secure.

Although the Cabirs do not carry a malicious payload, they block all Bluetooth connectivity and will drain a phone battery, according to F-Secure.

Once a phone is infected, it is capable of searching for other vulnerable phones through a Bluetooth wireless connection and transmitting a file that contains the network worm, according to F-Secure.

As previously reported by internetnews.com, the Cabir viruses are transmitted as an SIS file (Symbian OS distribution file) and disguised as a Caribe Security Manager utility.

"This is not going to be the end of the world," Mikko Hypponen, research director at F-Secure, said. "The common Cabir variants have been proven to be very slow in spreading in the wild."

Hypponen also pointed out that Symbian-based phones aren't as common in the United States as in many other countries, especially Europe. However, he did note that Symbian has more than 80 percent of global market share in the operating systems of new phone shipments.

The Symbian OS can be found in some phones made by Nokia, Siemens, Sony Ericsson, Motorola and Panasonic. F-Secure estimates 20 million cell phones use Symbian.

F-Secure said the virus made its way into the wild in June after the writer posted variants on a Web page.