Skip to content

Cabir sighting in US

February 19, 2005

Cabir infecting a Nokia 3650

Reuters reports on the appearance of the Cabir mobile phone worm “in the wild” in the US.

Cabir isn’t a big deal because it only spreads from Bluetooth-enabled phone to BT-enabled phone and carries no payload other than the worm itself. The only damage it does is to run down the battery of any infected handset as it repeatedly polls for other BT devices to infect.

Nonetheless, it does prove the potential of a worm with a more dangerous payload to do real damage, especially as larger numbers of handsets have BT support and users leave it on by default. The usual advice applies:

  • Only turn on BT when you need to use it
  • Set BT visibility to “hidden” so it can’t be scanned
  • Don’t pair devices if you can avoid it
  • If you must pair, set pairing to “Unauthorized” so you’ll be prompted for interaction
  • Never accept applications from unknown sources

For more information, refer to the Symantec Security Response Cabir page.

From → Uncategorized

Comments are closed.