Virus Targets WinCE Devices
Dubbed WinCE4.Duts by most vendors, it's not out in the wild, according to BitDefender, a Romanian anti-virus firm that was among the first to report the virus. Like last month's Cabir, a virus that spread to cell phones via Bluetooth, Duts is "proof-of-concept" code written to show that a vulnerability exists.
The viruse's author uses the nickname "Ratter," and is a member of the same 29A hacker group that created Cabir, said BitDefender and other security vendors. 29A specializes in writing proof-of-concept code, and was also behind Rugrat, the first virus that attacked machines running 64-bit versions of Microsoft's Windows.
The virus displays a dialog box asking if it can spread, and if the user gives the okay, appends itself to .exe files on the device. It can only spread from one machine to another if users share infected programs, such as games.
Because Duts is not meant to propagate -- users must be incredibly dumb to let it spread -- "You're more likely to have a meteorite strike your house than be hit by this virus," said Carole Theriault, security consultant for Sophos, in a statement. "Owners of PDAs running the Pocket PC operating system shouldn't lose any sleep over this virus, although it might be a taste of things to come."
Although viruses and worms directed at mobile devices remain rare, security firms have been gearing up to secure handhelds and cell phones against attack.
And for good reason, said Eugene Kaspersky, the head of anti-virus research at Moscow-based Kaspersky Labs.
"The events of the past month are really disturbing. The computer underground has pounced on the new opportunities offered by mobile devices," said Kaspersky in an e-mailed statement. "And now malicious programs are evolving in yet another direction, bringing the first global outbreak caused by a mobile virus closer and closer."
For continuing coverage of security issues, see CRN Security News Center.