From Symbian to iPhone to Android OS: The Evolution of Mobile Phone Malware

There is no question that vicious people have developed malware specifically targeting all cell phones, and mostly smartphones. Today's mobile phone malware plague did not start that way, so in light of the 21 malware infested Android applications Google finally pulled from the Android Market Place, let's look at the evolution of mobile malware.

June 2000: First-ever mobile phone infection

The first mobile phone infection, Timofonica, started as a computer virus. It sent nasty emails to computers and SMS messages to random cell phones using a website. It originated in Spain, and was mostly harmless.

June 2004: First computer-less virus

Cabir, a conceptual worm, was the first mobile phone infection that did not need a computer for it to transmit. Although harmless, it infected cell phones and displayed the word "Caribe." The worm used Bluetooth to search out and infect other cell phones and only infected those within 90 feet and that had Bluetooth enabled.

July 2005: First harmful virus

"Doomboot.A" Trojan, the first mobile phone virus to do any real harm, infected Symbian-based cell phones with the virus called "CommWarrior.B." Once infected, Bluetooth traffic surged, draining the user's battery within an hour. The virus also caused the phone to turn off automatically, and made it unable to reboot, which is the mobile equivalent of a computer's "Blue Screen of Death."

September 2005: First virus to originate on a phone

"Cardtrap.A," the first virus to come from a phone and not a computer, infected Symbian-based cell phones' MMC Cards. The Trojan activated upon insertion of an infected card into a computer and then copying content to the computer. The Trojan deleted Win32 computer system information, and locked the MMC card so a password had to be was entered. However, the password changed randomly, so it was impossible to do so.

February 2006: First Java-based virus

The "Trojan-SMS.J2ME.RedBrowser.a" was the first to target newer mobile phones that supported Java and J2ME, including BlackBerry, Pocket PC, Palm, and others, not just Symbian phones. Called RedBrowser, it was also the first Trojan to steal money using the Wireless Messaging API and the MIDP 1.0 API.

October 2006: Apple infects its own iPhone

Apple accidentally shipped Video iPod devices containing the RavMonE virus, also called the W32/RJump.worm. The virus infected Windows computers when iPod owners would insert their memory cards into the computer. The virus then opened a backdoor allowing other infections access to that computer.

January 2008: First iPhone Trojan

The first-ever iPhone Trojan, "iPhone firmware 1.1.3 prep," hid as a "critical system update," but Apple does not issue these types of updates, so users installed it manually-a telltale sign of malware. The Trojan overwrote some utilities packages, such as "Erica's Utilities," which did no harm, until the user removed the malware. Doing so erased the application files so users would need to reinstall the originals and, in some cases, it overwrote the OpenSSL.

January 2009: Android malware scare

The MemoryUp Personal Android application was accused of sending spam to contacts, installing adware, and erasing memory cards. Eventually, MemoryUp was cleared of the accusations, but accusing the app was enough to aid in its downfall, waking users up to the reality that Android malware exists.

July 2009: Symbian Botnet-making Trojan discovered

The first-ever Symbian botnet, called, "Sexy Space," started by the SYMBOS_YEXS.B Trojan disguises itself the ACSServer.exe app. It infects when the user installs the app. Once installed, it steals the user's information and sends it to the Trojan's maker over the Internet. This Trojan/Botnet also sends text messages and installs other malicious software. This infection originated from a Symbian phone, but is not limited to Symbian based phones. Because this is a botnet Trojan, anyone who clicked on links within the text messages or opened email from the infected phone would become infected.

July 2009: Conceptual SMS Hack Attack

This hack concept is very dangerous and affects iPhone, Windows, and Android smartphones. Simply sending thousands of SMS messages to a phone so that real messages cannot get through makes that phone unable to use the Internet. When a person sends or receives a message, the phone freezes until it is finished, so sending or receiving thousands can freeze a phone indefinitely. Called a DOS (Denial of Service) attack, if one happens and freezes the phone, the person causing the attack access it and erase all information, causing it to never reboot again.

November 2009: First Confirmed iPhone Worm

This worm is different, as worms are more difficult to construct, especially for a closed platform likes the iPhone. As a joke, Australian native Ashley Towns constructed "Ikee and Duh," the iPhone worm. Initially infecting 100 phones, the worm changed the infected phone's wallpaper and left a message saying, "ikee is never going to give you up."However, it only infects jailbroken iPhones with a the root password that was never changed.

March 2010: Vodafone distributes Conflicker infected HTC Magic

Ironically, a Panda Labs employee received an HTC Magic from Vodafone that was infected with Conflicker, Autorun.inf and Autorun.exe files. The Conflicker infection is one of the worst Trojans to encounter and most difficult to remove. It is associated with the botnet Mariposa, and as the employee connected the phone to the computer, it attempted to connect to its botnet host server immediately. If left to infect the computer, it would have disabled all administrator privileges, search out other computers to infect, and take control of all log-ins and passwords, among other things.

Stay Safe

These are only a sampling of the numerous infections targeted at mobile phones, and as these devices continue to evolve, so will the infections. No phone is invulnerable, even if it is a closed operating system like Apple's iOS, so keep the worst from happening and protect your phone with an anti-virus and anti-malware program made especially for cell phones.