| Author |
Bluetooth Invasion - Subway - Simultaneous files sent at once |
curmurdar
Joined: Dec 04, 2005
Posts: 109
From: Constanta , Romania
PM |
I thinks that is a Symbian virus.
|
|
|
max_wedge
Joined: Aug 29, 2004
Posts: > 500
From: Australia
PM, WWW
|
its the commwarrior virus. It affects s60 phones only so P series are safe (for now).
It's designed to keep hitting any device in range on bluetooth, that explains why every 30 seconds it kept trying to send itself to your SE.
You can accept the sis file, but it will have no affect unless use an s60 phone. If you have an s60, it will then use your phone to hit anyone else in range and send them the virus. There is no payload, however it will deaden your battery very quickly, and cause a nuisance to those silly enough to accept it.
You can prevent infection by disabling bluetooth, hiding bluetooth, or just not accepting something from anyone unless you know what they are sending you 
|
Supa_Fly
Joined: Apr 16, 2002
Posts: > 500
From: Toronto, Ontario
PM, WWW
|
Are you sure its a virii?
ALL applications that are NOT Java to be installed on ANY Series60/S60 phone is in that ".sis" format. Please people do a little research and stop propagating F.U.D., please.
Not sure which country the thread poster is in but I'm thinking a few things.....
1> If in Europe you should be more knowledgeable about BT Access Points (remember that company RedM that made it popular & a pioneer of BT AP 5 years ago, about 2yrs after the Ericsson T-39m came out). It could very likely that that establishement that you were at was sending out an app that included a menu of the stores wears along with a contact vcard for install into your phone. There's a number of possibilities of what this app is (yes even virii are in the .sis format for S60 phones, just like legitimate apps.)
2> You bloke, I thought all phones (even Nokia S60 phones lately) ask you to ACCEPT a file. Why would you a) accept a BT file transfer if you dont know where its coming from? - 10 Meters isnt that far to go looking about & its common range for BT; albeit not its limit - and b) This file type like Max said will not infect your phone. You could find some poor sap with a Nokia S60 phone who's happy to accept anything over BT like you did to test it out.
Sorry not picking on you thread starter, but common a quick poke around these threads in the Other Manufacturers thread you'd find a section on Nokia users thats over 19 pages long; the first of which mentions a lot about S60 phones.
Max could be right; I didnt bother go searching the title of the file to see if its a virus or not but I myself am not assuming it is or isnt JUST based on the title. Virii creators are not gonna stick to just one file name, so thats why I usually dont leave my BT on in my 6620; and after 8 months have NEVER gotten a Virus! Bad apps and files that are supposed to unlock a hacked app that behaves badly but never a virii.
3> I think after the 1st unknown receive, you shouldnt have even bothered to accept even just to find if the file name was the same & cancel it midway thru. |
curmurdar
Joined: Dec 04, 2005
Posts: 109
From: Constanta , Romania
PM |
Prom1 : you didn't read all the topic.
"I didnt bother go searching the title of the file to see if its a virus or not but" -> the title of the file was something generated randomly. |
whizkidd
Joined: May 14, 2004
Posts: > 500
From: India
PM, WWW
|
Ok folks !! Hang on... The file the poster received is most likely the commwarrior virus. It shows all the symptoms of commwarrior. The most prominent being the random naming of the sis file... The poor chap who was "spreading" the virus most likely is unaware that his phone is infected and is trying o infect others! The suprising fact is that this virus has some loophole which can cause to send a file even if the infected phone user has switched off his bluetooth! This has been tested by me many times.
T230 >> T610 >> Ngage QD >> N73 >> N85 >> Omnia HD >> And countless other review units |
tomw800
Joined: Jan 05, 2006
Posts: 22
From: Harrogate, UK
PM |
I sent it to my friends 6630 comes up as COMMWARRIOR, didnt install it though!
[addsig] |
max_wedge
Joined: Aug 29, 2004
Posts: > 500
From: Australia
PM, WWW
|
Quote:
|
On 2006-01-12 10:42:00, whizkidd wrote:
Ok folks !! Hang on... The file the poster received is most likely the commwarrior virus. It shows all the symptoms of commwarrior. The most prominent being the random naming of the sis file... The poor chap who was "spreading" the virus most likely is unaware that his phone is infected and is trying o infect others! The suprising fact is that this virus has some loophole which can cause to send a file even if the infected phone user has switched off his bluetooth! This has been tested by me many times.
|
|
Correct if already infected. However if not infected turning off bluetooth will protect.
|
SCORPIONKING1982
Joined: Mar 11, 2003
Posts: > 500
From: Leeswood
PM, WWW
|
We had this at work the other week, the virus installs and then constantly sends itself out to anyone in range.
Even if you turn off your bluetooth it still sends itself out as you cant actually deactivate your bluetooth even though the phone says it has.
There seemed to be no other affect on the phone other than your battery running down as bluetooth was in constant use.
You can removed it from your phone by using a filemanager to delete the install files
myspace.com/scorpionking1982 |
tomw800
Joined: Jan 05, 2006
Posts: 22
From: Harrogate, UK
PM |
Its round my entire college already, thats another reason not to buy a Nokia!
[addsig] |
p900 lover
Joined: Jan 08, 2004
Posts: > 500
From: London
PM |
Have a look here
http://www.esato.com/board/viewtopic.php?topic=112228
It got sent to my PC |
|
|
Posted: 2006-01-12 00:56
