A Week in the News: Mobile Malware’s Tenth Birthday

This week: the first mobile malware turns 10; we check in on Android security news and recent data breaches; and we fill you in on the week’s patches.

In the news this week: it’s been 10 years since the first known worm targeting mobile devices emerged. We’ll also check in on the latest Android security and privacy news as well as a couple of data breaches that spilled sensitive user information. As always we’ll let you know about any patches that are available. This and more below:


The First Mobile Worm

A decade ago this week, the first ever mobile malware emerged on Nokia’s now-nearly-extinct Symbian platform. ‘Cabir’ – as it came to be known – was not discovered in the wild by a complicated network of detection systems like much of today’s malware samples. It was quite literally handed to what was then the much younger, 2004-version of Kaspersky Lab.

It was a simpler time in terms of malware and Cabir was something of a simple worm, relatively speaking. The worm spread via Bluetooth, which was likely novel at the time, but is fairly commonplace now. Perhaps the strangest aspect to Cabir is that it didn’t actually do anything beyond propagating to nearby, Bluetooth enabled phones and displaying the word “Caribe” on the screens then and every time a user turned his or her phone on.

Kaspersky Lab tested the worm out on a Nokia N-Gage, which you may or may not remember. Luckily, if your curious, we put together a slideshow showing the sorts of phones Cabir would have infected.

Android News

Just yesterday, Government officials in the United States announced that Google and Microsoft would implement ‘kill switch’ features into their Android and Windows Mobile operating systems. It may strike you as odd that government officials – rather than officials from Google or Microsoft – would make such an announcement. However, in recent years there’s been an alarming increase in smartphone theft. Unfortunately, these crimes are often violent, resulting in injury and even loss of life.

As it turns out, studies have shown that in the period of time that Apple’s “Activation Lock” feature has been available, iPhone theft has steadily decreased.

A international conglomeration of elected and law enforcement officials recognized that violent, smartphone related crime was a problem, so they launched the Secure Our Smartphones (S.O.S.) initiative. S.O.S. was intended to convince Microsoft and Google to implement a feature that would render a mobile device useless if stolen. Of course, Apple had already done so with its “Activation Lock” feature, which makes it impossible for a thief to unlock a stolen phone without the proper user’s iCloud username and password.

As it turns out, studies have shown that in the period of time that Apple’s “Activation Lock” feature has been available, iPhone theft has steadily decreased. Tellingly, over the same period of time, thefts targeting devices without a ‘kill switch’ feature continue to increase. Yesterday’s announcement means that in the coming months, the most recent version of the mobile operating systems on some 97 percent of U.S. smartphones will have a ‘kill switch’ feature.

Data Breaches… Again

Just two data breaches this week: one affecting some 600,000 Domino’s customers – mostly in France but also in Belgium as well – and another at AT&T affecting an unknown number of the mobile carrier’s customers. The breach at AT&T spilled mobile users’ birth dates and Social Security numbers. The breach at Domono’s spilled customers’ full names, addresses, phone numbers, email addresses, passwords, delivery instructions, and favorite pizza toppings.

Interestingly in the case of Domino’s, a hacker group claiming responsibility for the attack demanded a €30,000 ransom payment in exchange for the information gleaned in the attack. Domino’s officials said there was no financial information included in the breach. They have since fixed the bugs that led to the breach and have no intention of paying any ransom.


Last but not least, the popular router brand Belkin has patched a serious vulnerability in its N150 wireless router. The bug could give an attacker access to any system files on affected routers, which could enable a number of malicious actions. If you are using that brand and make of router, it is recommended that you install the firmware update as soon as possible, which isn’t easy to do. You’ll have to go to the Belkin N150 website and download the latest version of the firmware. Then you’ll have to log into your router and upload the new firmware. We do have an article with some generic instructions on how to install firmware on a router.

In Other News

The United States Federal Trade Commission is calling on hackers attending the DEF CON hacker conference to develop technologies that can successfully lure in and identify the perpetrators of illegal robocalling scams. Read more at Threatpost.