| Author |
sis Mobile Virus? |
Nebbs
Joined: Jul 04, 2005
Posts: 145
From: Newcastle, UK
PM |
Was sitting in a local pub at the weekend with a bunch of friends, we all had our phones on the the table, a K750i, w800, k700, samsung D600 and a sharp 903. All of a sudden all three se phones recieved a incomming bluetooth request from someone (or something?) called 'Death', we rejected the incomming transfer but within minutes it happened again. We all rejected this again a few times, then i decided to accepted the file to see what it was. Ended up being a sis file with a random generated string for the file name. Anyway, being curious i tried to send a file back to this 'Death' person only for my friends D600 to suddenly light up and request accept file from my phone??? Now the strange thing is that his bluetooth name was'nt death and at no time did he even touch his phone?...spooky!! though we where in a scene from final destination and that we where all gonna be hit by trucks and bolts of lightening..lol
Anyway anybody know of anything like this or heard of such things?? cause its got me stumped. |
|
|
rockets
Joined: Jul 24, 2005
Posts: 18
PM |
your friend's bluetooth phone trying to communicate with yours??
haha your story is scary |
etaab
Joined: Jan 23, 2004
Posts: > 500
From: UK - South Yorkshire
PM |
Are you sure when you searched for the Death phone, you didnt accidentally click your friends D600 when it also appeared on your search ?
Possibly your friend is playing a prank on you.. ?
Check me out on Instagram ! search for etaab ! |
Nebbs
Joined: Jul 04, 2005
Posts: 145
From: Newcastle, UK
PM |
Definatley selected the Death phone and if he was playing a prank on us how did it make all three se phones light up with a incomming request at the same time?? Still has me stumped!!
I still have the sis file saved on me k750 if anyone wants to disect it and have a look i'll upload it.
[ This Message was edited by: Nebbs on 2006-03-23 08:53 ] |
whizkidd
Joined: May 14, 2004
Posts: > 500
From: India
PM, WWW
|
This most likely seems to be a case of a commwarrior virus trying to spread itself. It shows all the symptoms of commwarrior. The most prominent being the random naming of the sis file... The poor chap who was "spreading" the virus most likely is unaware that his phone is infected and is trying o infect others! The suprising fact is that this virus has some loophole which can cause to send a file even if the infected phone user has switched off his bluetooth! This has been tested by me many times.
The "death" guy most probably isn't aware of the fact that his phone is infected and is trying to send copies of this virus to other phones in the vicinity.
There is nothing he can do about it except deleting the file using an s60 antivirus.
T230 >> T610 >> Ngage QD >> N73 >> N85 >> Omnia HD >> And countless other review units |
niranjan007
Joined: Dec 12, 2004
Posts: 230
From: The garden city of India
PM |
i concur with whiz that the virus was commwarrior. Here's a few facts i've noticed about it:
1)it sends a copy of itself over bt even when the bt of the infected phone is turned off.
2)it sends a copy of itself though mms to contacts in your phonebook with messages such as "free sex software for mobile"
3)the file name is random alphanumeric
4)keeps sending itself over and over again
one thing that surprises me is that the virus came from a d600, which is not s60 and therefore cannot be infected by it. |
etaab
Joined: Jan 23, 2004
Posts: > 500
From: UK - South Yorkshire
PM |
It certainly sounds like commwarrior.
You say it came from a phone named Death. How do you know this ? the K750i, W800i and K700i do not show who is sending you something via Bluetooth, so it could have been anyone. By the way, im not questioning the truth of your story, i'd like to know how you knew it was coming from that particular phone.
Only the K750i and W800i will tell you the Bluetooth name of the other phone if you accept the file first, and those phones have up to date firmware. Are you sure it came from the phone named Death ?
If it is commwarrior, it will have infected a S60 handset. However, AFAIK no S60 handset is capable of allowing more than one device connected to the FTP or PIM profiles simultaneously, therefore if all three phones were receiving the file all at the same time, it cannot have been coming from a S60 handset. Even Bluetooth v2.0 handsets tend not to be able to have more than one device connected to a single Bluetooth profile simultaneously. So, it might have either been coming from more than one phone, it might have been coming from a PC, laptop or PDA, or it might simply be the case that commwarrior tried to send to all phones in reach and simply waited for a response from one. It could only send to one phone at a time though, and not all three.
Check me out on Instagram ! search for etaab ! |
Nebbs
Joined: Jul 04, 2005
Posts: 145
From: Newcastle, UK
PM |
@Etaab
Tried to bluetooth the file to my computer but my antivirus software delete's it as soon as the transfer is complete and i dont fancy disabling my av. Anyway took a screen grab of the virus alert and as you and others correctly predicted it is indeed the commwarrior virus.
 |
niranjan007
Joined: Dec 12, 2004
Posts: 230
From: The garden city of India
PM |
i didnt know that a sis virus can be recognised on a pc...it must have been included in the definitions |
etaab
Joined: Jan 23, 2004
Posts: > 500
From: UK - South Yorkshire
PM |
They sure are, to help mobile users prevent infecting their phones by downloading items from the net before sending them to their phone.
Commwarrior huh ? comes as no surprise. 
Check me out on Instagram ! search for etaab ! |
|
|
Posted: 2006-03-22 18:47
