Fullname: | Commwarrior |
Alias: | Symb/Comwar-A |
Classification: | Mobile phone virus |
Type: | Symbian Bluetooth Worm |
Subtype: | Nokia Series 60 infecter |
Commwarrior is a Symbian Bluetooth worm that was the first to spread via Multimedia Messaging Service (MMS) and Bluetooth.[1] [2] The worm affects only the Nokia Series 60 software platform.
Commwarrior was particularly effective via the MMS vector it used to infect other phones. It appeared as though it had been sent from a source that was known to the victim, leading even security-conscious users to open the infected message.[3] Actually, the message was sent at random to a contact in the sender's address book. Once the message is opened, the virus attempts to install itself on the phone via a SIS file. As it runs, the worm is executed every time the phone is switched on.
A secondary method of infection is to create a malicious .SIS file on a compromised phone. Once per minute thereafter, the worm attempts to send this file to any phone that has Bluetooth enabled.[4]
According to Sophos, during installation the program has a one in six chance of displaying the following text:[1] "CommWarrior v1.0 (c) 2005 by e10d0r"