Nokia cell phone contracts virus

Contagion could spread to corporate network through VPNs

One of the first viruses to strike a cell phone was reported this week by Kaspersky Labs in Moscow and closer to home by Symantec. The virus struck a Nokia Series 60 phone that uses Symbian OS.

Dubbed EPOC.cabir, the virus transmits its code via a Symbian OS distribution file disguised as a security manager utility. Perhaps, stealing a page from vampire legend, the evildoer must be invited in by the user before it can install itself on a phone.

"It spreads itself through Bluetooth devices and when it finds one it will ask you do you want to install. You have to say yes to get it on your system. Then, rinse, recycle, repeat," said Alfred Huger, senior director of engineering at Symantec.

Huger also said Symantec has Norton Anti-virus software for cell phones and PDAs that would have stopped ENCORE.cabir.

The virus is a benign proof of concept bug that displays a message on the phone everytime it is started.

Analyst David Hayden, principal at MobileWeek, said this is just the beginning of a problem that will only grow larger.

"Over time as cell phones become more PC-like, you can be assured there will be viruses. Look at cell phones running Palm, Pocket PC Phone Edition and Symbian, they are basically miniature PCs, with a standard OS with open APIs for developers, Web browsers and Java scripts," said Hayden.

]At present, if wireless carriers are doing anything about the problem, they are not making it public. Of five carriers contacted, AT&T Wireless, Cingular, Nextel, Sprint and Verizon, in three days none responded to InfoWorld beyond saying they were looking for a spokesperson to comment.

While the infection of local phones may be a minor annoyance, as more smart phones use VPNs to access a corporate network the danger of infection will increase, according to Huger.

"The principles of networking aren't any different," said Huger.