Malicious mobile e-mail warning in Japan

[InfoSec News <isn () c4i org>]

http://news.cnet.com/news/0-1004-200-6282498.html?tag=mn_hd

By Ben Charny
Special to CNET News.com 
June 14, 2001, 5:10 p.m. PT 

Japanese wireless phone giant NTT DoCoMo warned the company's 24
million mobile Internet service subscribers Thursday that a malicious
e-mail could be making its way to their phones.

The e-mail, if opened, will dial an emergency number, make calls to a
"large number" of people or crash the consumer's cell phone, NTT said
in a statement posted on its Web site. Although all DoCoMo
Internet-ready handsets are susceptible, so far there have been no
reports of damage, the company said.

DoCoMo said subscribers of its popular I-mode wireless Net service
should be wary of opening e-mails from anyone they don't know or if
their phones begin dialing telephone numbers without any prompting.
Pushing the "Stop" or "Clear" buttons should end the problem.
Removing, then replacing, the phone's battery will unfreeze the phone
if it should crash, according to DoCoMo.

Security experts say the DoCoMo warning is another sign that hackers
are turning their attentions to wireless devices. An increasing number
of phones can download software, which is one way of introducing a
virus. Yet, there is no real antivirus protection on the market for
phones, making them relatively easy prey.

Mobile phones are only expected to become more sophisticated and
simultaneously more prone to attack, security experts say. Java, a
software language that lets phones download software, is expected to
be installed on more than 100 million phones by the end of 2003.

"Anytime you have mobile code, you are going to have problems," said
Richard Smith, chief technology officer from The Privacy Foundation.

Others in the wireless industry agree. In March, Santa Clara,
Calif.-based Network Associates, a security software maker, called
viruses an "emerging security threat" to mobile devices. Cupertino,
Calif.-based Symantec, a security competitor, has heralded handheld
computers as "increasingly at risk" and plans to release its own
protection for Palms later this month.

Viruses and malicious e-mails also are becoming a way of life for
wireless consumers.

In September, researchers at two antivirus companies discovered the
first virus, called Phage 1.0, that infects programs on Palm devices.

Last June, Timofonica, a variant of the LoveLetter virus, spammed
thousands of mobile phone owners in Spain by routing e-mails through
an Internet-to-cellular gateway.




ISN is hosted by SecurityFocus.com
---
To unsubscribe email isn-unsubscribe () SecurityFocus com.