News Stay informed about the latest enterprise technology news and product updates.

New worm attacks Windows smartphones

Symantec researchers have discovered a new worm attacking the Windows CE platform on ARM processors.

Researchers at Symantec Corp. have discovered a new worm that attempts to attack smartphones running Windows CE platform on ARM processors.
To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

Symantec said the worm is polymorphic, meaning it mutates based on the type of traffic it encounters to evade intrusion defense systems. Once the worm compromises a smartphone it spreads by making copies of itself and begins reaping havoc, including making unwanted phone calls to premium phone numbers, said Symantec software engineer Andrea Lelli.

"It spreads by generating new polymorphic copies of itself each time, and can cause a severe nuisance on a compromised phone," Lelli said in the Symantec Security Response blog.

Smartphone security:
Smartphone security: The growing threat of mobile malware: The increasingly pervasive use of wireless handhelds in the enterprise is just one reason why malware pros are getting serious about mobile malware.

Apple iPhone mail, Safari prone to spoofing
Survey exposes lax mobile security: Executives say they worry about smartphone security, but according to a survey from The Economist and Symantec, their approach to the problem is often inadequate.

The new worm is smarter than previous smartphone worms discovered in the wild. It spreads via storage cards rather than via Bluetooth, which quickly drains batteries.

Called WinCE.Pmcryptic.A, the new worm bricks the cell phone by cycling through different screen colors until the screen turns black, Lelli said. The worm also eventually overloads the smartphone capacity.

So far the threat of being infected is low. Victims can eventually delete all the worm executables, but file system menu folders and system colors need to be reset to their default values. Lelli warned Windows CE users to pay attention to the storage cards they plug into the smartphone.

"Unfortunately, WinCE does not provide, by default, tools for doing this, so it is likely that an infected user will need to download and run third-party tools in order to bring order back to the compromised device," Lelli said.

Dig Deeper on BYOD and mobile device security best practices

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.