EPOC_CABIR.A

Discussion in 'malware problems & news' started by Randy_Bell, Jun 20, 2004.

Thread Status:
Not open for further replies.
  1. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    A new proof-of-concept worm, EPOC_CABIR.A is capable of spreading through Bluetooth-enabled devices, and can affect certain mobile phone models from Nokia, Siemens, and Panasonic.

    EPOC_CABIR.A arrives as a series of messages, the first notifying the user there is a message to be received via Bluetooth, then states: "Application is untrusted and may have problems. Install only if you trust provider." The user is then asked to confirm installation.

    Once installed, the worm creates files in the default drive of the device, and creates files in the following directory:
    SYMBIANSECUREDATA\CARIBESECURITYMANAGER

    This worm targets series 60 v0.9, which is a common setting for basic applications.

    Affected models of phones include:
    Nokia 7650
    Nokia 7610
    Nokia 6620
    Nokia 6600
    Nokia 3650, 3600
    Nokia 3660, 3620
    Nokia N-Gage
    Panasonic X700
    Siemens SX1
    Sendo X

    EPOC_CABIR.A can be detected through Trend Micro virus pattern file 1.906.11.
     
    Randy_Bell, Jun 20, 2004
    #1
  2. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    Yes Randy, I saw that story in my local newspaper couple days ago, and only last night when I was working, I saw a small company in Brisbane, capital of Queensland [my home State] had developed the very first cure against it.

    Sounds like fun for more up and coming phone users. "Not"..

    Cheers, TAS...
     
    Tassie_Devils, Jun 20, 2004
    #2
  3. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    Tassie_Devils, Jun 20, 2004
    #3
  4. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    Ooops... in the above links the CEO said they were considering whether to give the patch free or not...

    Guess they spoke with their wallets.....

    Payment here.. LOL.. ONLY $15US

    https://www.paypal.com/cgi-bin/webscr

    Yae, good on ya!!!!

    TAS
     
    Tassie_Devils, Jun 20, 2004
    #4
  5. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    omg thats harsh i hate people like that

    its like me saying i have the cure for aids but im not sure if your all worth saveing i might want to charge money grrr i hope that copany thinking about saleing the patch has bad luck jerks
     
    Mr.Blaze, Jun 21, 2004
    #5
  6. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    I guess Blaze they DID find the 'cure' and they have to market it. So I suppose we can't be too harsh on them.

    But, the CEO should have NEVER said they were considering whether or not to give Free.

    Simply should have stated the company will *consider it's options on distribution of the 'patch' *

    .... something like that.. don't even mention Free... *considering options* could have meant anything and they would have been better off IMO.

    TAS
     
    Tassie_Devils, Jun 21, 2004
    #6
  7. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    :cool: yup i algree
     
    Mr.Blaze, Jun 21, 2004
    #7
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...