Well - it has finally happened. After a number of false starts and numerous of captive creations in various labs, McAfee has reported in the past few weeks, that the first real Windows Mobile virus/trojan to be experienced in the "wild" has been discovered. The virus is known as WinCE/InfoJack.
Its gone relatively unnoticed in Europe as to date, it has mainly affected South East Asia.
What Does it Do?
According to McAfee, WinCE/InfoJack has a number of features that show its malicious intent:
- Installing as an autorun program on the memory card
- Installing itself to the phone when an infected memory card is inserted
- Protecting itself from deletion, copying itself back to disk
- Replaces the browser's home page
- Allows unsigned applications to install without warning
As it disables the Windows Mobile application installation security, the virus allows itself to be to auto updated. It also leaves the mobile open to other malware being installed silently.Furthermore, it has the capacity to send data about the device and its possibly its contents to external locations.
What Does It Mean?
To date Windows Mobile has been relatively unaffected by malware and viruses. However, I've always maintained that their portability, their myriad of connectivity options (3G, WiFi, Bluetooth) and the sheer numbers of devices out there makes them a significant threat both inside an outside an organisation. Imagine a botnet of mobile devices with HSPDA connectivity! Coupled with the amount of sensitive corporate data often carried on these devices that could be stolen and the threat is clear. The fact that memory cards are involved means the capacity to infect other kinds of devices is also a possibility.
So What Can You Do?
Get anti-virus & malware software for your device. Although relatively unpublicised, many of the leading anti-virus providers such as McAfee, Symantec amongst others have had antivirus components for Windows Mobile for several years. Many of these are add-ons aimed at the corporate environment however. Although not necessarily a recommendation, I personally have used the AirScanner suite of tools without any issues so far. It contains firewall utilities as well as anti-virus tools and can be regularly updated over the air.
The other thing to do is be far more sceptical about the origins of any software you install and whether you can verify its authenticity. For a long time people have installed shareware on mobile devices with relative impunity but with this announcement attitudes will need to be revised somewhat.
I don't wish to be considered a doom-monger and if you take precautions and adopt secure usage patterns you shouldn't be affected. I can't help feeling that the world of mobile devices is entering a new era however.