Well, I warned as long ago as March that mobile devices would be targeted by virus writers and hackers, and it`s finally happened, with the EPOC operating system coming under attack last week.
EPOC is mainly used in Psion handhelds, but it has also been deployed on cellphones and other mobile products, all of which are now vulnerable.
As Linux gains in popularity, so virus writers will be inspired to new heights of ingenuity.
Ian Melamed, MD, Ian Melamed Secure Computing
A number of joke programs and Trojans were reported. They displayed insulting messages, made alarm sounds, prevented other programs from being executed, displayed virus warnings, changed user information, switched the display light on/off, and convinced users they had a problem with their handheld device.
F-Secure already has a cure and Trend Micro can provide advice: visit http://www.antivirus.com/vinfo/: EPOC_GHOST.A, EPOC_GHOST.B, EPOC_FAKE.A and EPOC_BADINFO.A.
Meanwhile, the UK anti-virus community is locked in a dispute as to whether Linux is vulnerable to viruses in the same way Windows is. Sophos says it is; mobile consultancy Netproject accused Sophos of fear-mongering; Sophos countered by saying there are Linux viruses in the wild; Netproject says Linux`s architecture makes it impossible and has challenged Sophos to try and infect and crash its systems with an e-mail-borne virus. My input: as Linux gains in popularity, so virus writers will be inspired to new heights of ingenuity. I`d say Linux viruses are coming, soon, to a computer near you.
And while the experts wrangle, the virus writers just get on with it. I Love You is back, in a new form. A variant has been targeted at customers of a Swiss bank. The payload of the new version uses a password-stealer (Hooker) to grab online bank account details. This specific strain, spotted in Switzerland and Russia, is thought to be proof-of-concept for a threat other banks could face.
And how`s this for audaciousness? Two Kazakhstan men, working for a securities company, have been arrested for trying to extort more than $200 000 from Michael Bloomberg, owner of the Bloomberg business news service, which supplied news to the Kazakhstan company. The two men allegedly broke into Bloomberg`s Manhattan-based computer systems, and then tried to extort money from Bloomberg by threatening to reveal to the world just how they had done it. Bloomberg and authorities set up the two in an elaborate sting in London.
After the Chinese government`s recent clampdown on Internet service providers (ISPs), the government-owned sole Saudi ISP has blocked access to all online clubs hosted by Yahoo. These clubs stand accused of "propagating pornographic material and defaming personalities". What`s the bet that three years from now both the Chinese and Saudi governments will have found their attempts to manage the Internet to have been ineffectual?
The giant Safeway supermarket chain is the latest company to fall victim to the spate of highly publicised e-mail related security glitches in the UK. This time, thousands of Safeway customers received e-mails warning them of an impending price increase and telling them to shop elsewhere if they didn`t like it. Gee, sounds like any good old South African company!
GartnerGroup has taken a full-on swipe at Microsoft`s software development process, terming it an "established behemoth that does not have security as an inherent concern". No comment needed.
I commented last week about the White House systems being used for downloading Web porn. Here`s the exact opposite: CyberCross.net, a Christian ISP that claims to "provide the growing number of Christians on the Internet with a safe, pleasurable browsing experience". It pre-screens and removes "inappropriate" content. That eliminates about 90% of the Web!
And how`s this for a security deal? Baltimore Technologies and Cap Gemini Ernst & Young have won a 10-year contract from the UK Ministry of Defence to build an online procurement system that aggregates information from 800 internal Web sites in one central database. Baltimore`s Unicert digital certificate management technology will enable the ministry to track and administer its dealings with suppliers.
Finally, the Napster saga has taken an unusual turn with a pro-Napster hacker, one "Pimpshiz", exploiting a bug in Windows NT to deface five-dozen Web sites in the past two weeks, including Nasa and the French national library. He`s not telling anyone what the bug is as he lines himself up for another wave of attacks. Now he`s bragging about his exploits: he wrote in a series of e-mails to ZDNet News that hacking the sites was easy and he was able to exploit "obvious" holes.
(Sources: Computerworld, Fox, Silicon.com, Wired, Reuters, Cnet, Newsmax and ComputerGram.)
Share
