HAURI Security Column

Security for mobile malicious code -- 12/10/09
Written by Tae Keun Kim - HAURI Virus Lab.

1. Threats of mobile malicious codes

Recently, many kinds of PDA (a.k.a. smartphone) have been released to the market. PDA literally means personal digital assistant; it has various useful functions, and users can enjoy wireless Internet through this handy little computer. However, those advantages have also brought security vulnerabilities to mobile devices, such as mobile malicious codes. Mobile malicious codes originate from general PC malicious codes, and many PDA users settle accounts or transfer money through their PDA devices, so critical weaknesses such as personal information leakage will exist as long as people use PDAs.

2. Types and characteristics of mobile malicious codes

There are many kinds of mobile malicious code, so we have picked out the most common ones below. Most of them are based on Symbian.

a. Cabir: Spreads via Bluetooth; made to demonstrate the concept of a mobile worm.
b. Stealwar: Spreads via Bluetooth and causes fast battery consumption.
c. Bootton: Spreads via Bluetooth and modifies icons.
d. Fontal: Spreads via Bluetooth and interrupts the mobile device's system boot.
e. CommWarrior: Uses the address list in the PDA to transfer itself through MMS. If Bluetooth is activated, it also copies itself through Bluetooth.
f. Beselo: Spreads via Bluetooth, MMS, and memory card.
g. PbStealer: Spreads via Bluetooth and transfers the address list, text-formatted files, calendars, etc.
h. Skull: Downloaded from the net; changes application icons to skull images.
i. Cardtrap: Downloaded from the net; blocks use of the device by destroying applications.
j. Doomboot: Downloaded from the net; stops device operation so that the user cannot even restart the device.
k. Cxover: Infects when a PC and a device are synchronized.
l. Mosquit: Spreads via P2P networks and sends SMS messages that require users to pay for the service.
m. Hobbes: A virus that pretends to be a vaccine (anti-virus program) and induces the user to reboot the device; afterwards the mobile no longer works due to abnormal execution of the system's application loading program.

3. Infection route of mobile malicious codes

There are many infection routes because mobile devices are portable.

- Many kinds of storage devices (e.g. memory card)
- Synchronization with PC
- Wireless environment based on wireless Internet and Bluetooth
- MMS and e-mail containing malicious code

A PDA can be connected to other devices easily; therefore the number of infection routes has increased, too.
The general routes are via Bluetooth or MMS, but infection rarely happens by just a single route.

4. Current situation of mobile malicious codes

As already mentioned in the previous part, mobile malicious codes have increased gradually, and until just recently Symbian-based malicious code was the most common.



Meanwhile, malicious codes based on other platforms have also increased continuously, and PDA users and related applications have increased explosively. Specifically, mobile malicious code can infect a PDA by disguising itself as a normal application or by inserting itself into a normal application. Recently, a mobile malicious code was found on the iPhone; this iPhone worm is named the "Ikee worm". It infects only so-called "jailbroken" iPhones, and it uses SSH communication and the basic password. The worm changes the phone's desktop image to the 1980s star 'Richard Paul Astley' and prints out a message like "ikee is never going to give you up".
Of course, if people use the device in the normal way, infection may not occur, but that is not enough for us to feel relieved, given that mobile malicious codes are developing daily.

5. How to prevent

For now, most mobile malicious codes are used only to steal personal information or interrupt the mobile device's normal operation, but they are becoming smarter, so in the future they could act like present-day PC malicious codes.
For example, if PDAs infected with malicious code are used for a DDoS attack, the damage will be much bigger than in previous attacks, and it could also cause excessive charges for enormous PDA packet usage.
Also, it is well known that wireless communication is weaker than wired communication, so if a hacker steals personal information by using sophisticated malicious code, the PDA's convenience could become a tragedy due to this weak point of wireless communication.

Usually, the damage caused through mobile devices occurs because of users' lack of concern about security. Even if users care a lot about security, they cannot prevent the threats perfectly, but we can say that "trying to minimize the threats" is the best way to prevent them.
Now, let's learn more about how to prevent those threats.

a. Pay attention to device loss or theft

A mobile device is made to be carried with you all the time, so it is easily exposed to loss or theft. Once you lose the device or it is stolen, all personal information on it, such as the address list, photos, and movie clips, could be leaked and misused by someone.

b. Change the password of mobile device regularly

Mobile devices support password settings; however, many users do not set a password, or do not change the default one, due to lack of security knowledge. To prevent security threats, users must set a password that is as hard to guess as possible.

Note: Do not use personal information (e.g. birthday, name, words that are easy to guess) for a password. There is an attack method that guesses passwords by trying common words at random.
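
The note above as an added example (not part of the original column): a Python check that rejects passwords built from the user's name or birthday, or from a common word disguised with simple substitutions. The word list, the substitution table and the sample user are constructed for illustration.

```python
import re
from datetime import date

# Constructed sample list; a real check would load a much larger word list.
COMMON_WORDS = {"password", "letmein", "qwerty", "admin", "welcome", "dragon"}
# Simple look-alike substitutions people use to "disguise" a word.
LEET = str.maketrans("013457@$!", "oieastasi")


def personal_tokens(full_name, birthday):
    """Name parts and common birthday spellings that must not appear in a password."""
    names = {p for p in re.split(r"\W+", full_name.lower()) if len(p) >= 3}
    formats = ["%Y%m%d", "%y%m%d", "%m%d%Y", "%d%m%Y", "%m%d", "%d%m", "%Y"]
    return names | {birthday.strftime(f) for f in formats}


def base_word(password):
    """Drop trailing digits/symbols, then undo look-alike substitutions."""
    stem = re.sub(r"[^a-z]+$", "", password.lower())
    return stem.translate(LEET)


def check_password(password, full_name, birthday):
    """Return the reasons a password is easy to guess; an empty list means none found."""
    low = password.lower()
    unleet = low.translate(LEET)
    problems = []
    for token in sorted(personal_tokens(full_name, birthday)):
        if token in low or token in unleet:
            problems.append(f"contains personal information: {token}")
    if base_word(password) in COMMON_WORDS:
        problems.append("common word with simple substitutions")
    return problems


if __name__ == "__main__":
    # Constructed sample user and candidate passwords.
    for pw in ["Jane1990!", "P@ssw0rd123", "5m1th-rules", "tarpaulin-Velvet-63"]:
        print(pw, "->", check_password(pw, "Jane Smith", date(1990, 4, 17)) or "ok")
```
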

c. Minimize Bluetooth use

Bluetooth is a convenient function for mobile device users, but it is also very easily misused by many malicious codes due to its Wi-Fi infrared communication vulnerability. It is desirable for users to turn off Bluetooth when they are not using it, and it is better to set the device to notify the user whenever there is a Bluetooth connection request.

d. Do not download illegal programs

On the Internet there is a lot of uncertified software, which can easily be modified by hackers or malicious code makers. Many freeware programs are too tempting to pass up, but users must know that they could be infected by downloading illegal programs. When surfing the Internet, users must use legal and certified programs to reduce the threat of malicious codes.

e. Be careful when using someone else's memory card

Once a memory card infected with malicious code is inserted into your mobile device, it could infect your device, too. Therefore, first make sure that the memory card is safe to use in your mobile device.

f. Do not open attached files of MMS or E-mail indiscriminately

Sometimes hackers send MMS or e-mail with curiosity-provoking attachments, and once a user opens the attached file, the mobile device will be infected. So, when you receive any MMS or e-mail from an unknown person, you must check the files before opening them, and also check the sender or number.

g. Before connecting a mobile device to a PC (PC-Sync), check whether there is any malicious code on the PC

Some malicious codes copy themselves to PC-connected devices without notifying the user. Therefore, users must first check whether there is any malicious code on the PC before connecting mobile devices to it.

Copyright 2008 @ HAURI Inc. All rights reserved.