Bad sorts have created a malware targeted at Symbian mobile phones that comes signed with an apparently valid Symbian Certificate. Because it is signed the application can potentially gain privileged access, net security firm F-secure warns. The malware is also unusual because it is targeted at S60 3rd Edition phones, instead of …
Nice to know us Symbia people are being targeted. Now phuck offf and play with windows.
But it begs the question.
"Who signed the worm?" Normally mass-distribution apps are signed by Nokia themselves after going through quality assurance. Either something slipped through the cracks or the worm makers enlisted inside help.
So, once again, let's get this straight. First of all, somebody is stupid enough to install it. Then, each time it tries to phone home or propagate, they press "yes" again? They continue to keep pressing "yes" every few minutes as the worm tries to propagate? Frankly, anybody that stupid is too dumb to own a smartphone anyway.
Apparently, *because* it is signed, once it's installed and running, it can access the protected parts of the system. These include the SMS subsystem and the address book. From what I've read, it's able to pull these off without further human intervention. That's why it's classified in some places as a worm rather than a trojan.
It's also possible that the worm creator was able to break the security on the signature. I say that without knowing any details of how it works, but it's not inconceivable. Only as strong as its weakest link, and all that.
There are apps for S60 phones that will allow self-signing (Freesigner) and sites that will sign apps for you (Symbian Signed) - so maybe it wasn't Nokia that signed this at all?
That said - it's still a case of people OK'ing stuff they don't know properly
- Breaking news: Google exec veep in terrifying SKY PLUNGE DRAMA
- Geek's Guide to Britain Kingston's aviation empire: From industry firsts to Airfix heroes
- Analysis Happy 2nd birthday, Windows 8 and Surface: Anatomy of a disaster
- Google chief Larry Page gives Sundar Pichai keys to the kingdom
- Adobe spies on readers: EVERY DRM page turn leaked to base over SSL