Trojan Horse Charges PDAs
UPDATED: First known backdoor attack on handhelds probably written by Russian virus coder.
UPDATED: The world of viruses finally reached out and touched handheld computers Thursday with Symantec and Kaspersky Labs reporting a backdoor Trojan horse program that can take control over a mobile device.
The program, known as Backdoor.Brador.A, attacks PDAs running the Windows CE operating system. Once installed, the program activates when the PDA is restarted and begins to search for a remote administrator to take control of the machine.
In a security alert, Symantec calls Brador the first known Windows Mobile backdoor Trojan horse. The security firm says the program, like all backdoors, cannot spread by itself. Backdoors arrive as an e-mail attachment and must be downloaded from the Internet.
"We're not seeing it widely and its only effected a very, very small number of systems," Oliver Friedrichs, a senior manager for Symantec's security response team. "The significance is that it is the first to attack CE Windows."
Friedrichs said it is hardly surprising that viruses would make their way to mobile devices.
"It's a natural trend. Where technology goes, viruses will follow," he said. "The perception is that as new technology moves into the mobile market, these threats will move in that direction also."
Kaspersky Labs said Brador was probably written by a Russian virus coder since it was attached to an e-mail with a Russian sender address and contained Russian text.
Eugene Kaspersky, head of anti-virus research at Kaspersky Labs, was expecting a PDA attack given the recent attacks against other mobile devices.
"We were certain that a viable malicious program for PDAs would appear soon after the first proof of concept viruses emerged for mobile phones and Windows Mobile," said Kaspersky in a statement. "[The program] is a full-scale malicious program ready to go; unlike proof of concept malware, Brador has a complete set of destructive functions typical for backdoors."
The Russian security firm added that the author is offering to sell the client portion of Brador to all interested parties, increasing the likelihood the backdoor will be used commercially.
"PDA users face a real danger and we can be sure that the computer underground will snatch at the chance to attack PDAs and mobile phones in the near future," Kaspersky said. "Malware development for mobiles is passing through the same stages as malware for desktops. We'll probably see a serious outbreak of viruses for handhelds sometime soon."
Symantec, which rated Brador's threat containment and removal as "easy," has updated its database to deal with the virus.
Last month, Kaspersky Labs detected the first computer virus spreading via cell phone networks.