First things first: It wasn't really a cell phone virus, as we've come to understand the term. Although the Timofonica virus, reported by several news outlets earlier this week, behaved like several recent e-mail viruses on computer systems, it generated spam on the wireless spectrum. Timofonica carries an attachment that includes a program written in Microsoft's VBScript. When a Microsoft Outlook user clicks open the attachment, it sends e-mail with its attachment to the first 50 addresses in the Outlook address book.
The new twist is that it also sends a random phone number and message to an SMS (short message service) gateway for mobile phone users in Spain, Correo.movistar.net. According to Elinor Abreu writing in The Industry Standard, the message reportedly stated "Timofonica is a monopoly," a play on Spain's telecommunications giant Telefonica. (Timo means trick.)
Cnet News.com's Evan Hansen suggested that this wasn't really the first phone virus: In early April, a virus hit telephone systems in Houston, Texas, that reportedly dialed 911 repeatedly.
But this virus (or feature, if you prefer) is different. It takes advantage of a relatively insecure access point in network communications: the ability to send short messages to GSM (Global System for Mobile Communications) and other mobile phones that will receive them. SMS's popularity has grown wildly among teenage cell phone users in Europe and Asia in the past year. But web developers see the potential for more professional uses of this simple push technology, everything from sports scores and stock quotes, to notifications of network problems, travel details, and other business information.
The fact that the system is so easily exploited points out the need to nip the problem in the bud, before abuse threatens the viability of the system. Consider fax spam, which threatened to make faxes unusable in the mid-1980s. Fax owners were receiving so many restaurant menus and toner ads that they were refusing to answer their machines unless they knew who was calling. That situation was remedied in the U.S. through laws that prohibited sending unsolicited faxes. We all know that's tougher to do in an open network, but the precedent stands that one can take action early in a technology's life to ensure its viability. (And anyone who thinks faxes are ancient history hasn't dealt with a realtor lately.)
Dan Schrader, chief security analyst at Trend Micro, was quoted by News.com's Hansen as saying that desktop antiviral software has failed, and the place to fight viruses is at critical points in the network. In this case, the SMS gateway is the critical point. We can easily see the metaphor extending to Phone.com's Wireless Application Protocol (WAP) gateway. But how is this to be done?
Some of the media reports downplayed the event, saying they didn't expect more SMS spam viruses, because virus writers tend to focus their efforts on where the most users are. That's why we see viruses aimed at Microsoft Outlook and Eudora, while a Mac user reading e-mail through Netscape Communicator is safe by comparison.
We should remember, though, that the number of users accessing the Web from mobile phones is expected to surpass the number coming from desktop machines sometime around 2003.
This week's demonstration in Spain suggests that the virus writers will already be there, waiting.
David Sims was the editorial director of the O'Reilly Network.
Copyright © 2009 O'Reilly Media, Inc.