September 23, 2005 7:39 AM PDT
Sophos: Cell phone virus claims are 'bonkers'
Earlier this month, F-Secure was questioned over hyping cell phone viruses in a bid to sell antivirus products. Today, Trend Micro issued a media alert stating it had discovered a "fully functioning" mobile threat that proved malicious-software writers "are committed in their efforts," and provided a link to a trial product it claims protects against the threat.
But Trend Micro's statement failed to impress one industry expert, who said the claims were flawed.
Graham Cluley, senior technology consultant for Sophos, said: "We have had no reports of this piece of malware spreading, so it's not something that should panic customers. Compared to conventional e-mail viruses and Internet worms this malware's method of spreading seems extremely ineffective--for the vendor to say that this is the first example of a serious mobile malware threat is plain bonkers."
Trend Micro claims the virus, dubbed Symbos_Cardtrp.A, has the potential to spread to PCs running Microsoft Windows. It said handsets can be infected either by sharing files with PCs via Bluetooth or by downloading files from the Internet.
In the statement, Trend Micro did admit the potential for infection was low. Raimund Genes, president of the firm's European Operations, said: "This attack is really a proof of concept and may be an indication of a new type of blended threat to come. As mobile threats continue to evolve, it's likely that we will see further attacks similar to this, but utilizing more robust propagation techniques and therefore carrying a higher potential for infection."
Few security companies have said antivirus protection for mobile phones is necessary. Earlier this month a spokesman for mobile phone carrier O2 told silicon.com that the issue of mobile phone viruses was "massively over-hyped." WDSGlobal, a handset-support call center that receives 100,000 calls per month, said only 0.004 percent related to viruses.
Responding to Trend Micro's statement, Cluley said unnecessary publicity could cause people to ignore the more common threat of computer viruses.
He said: "The danger is that excessive talk of mobile phone malware distracts IT managers from where the real threat is happening every day of the week--Windows desktops.
"The virus writers, who are becoming increasingly criminal and organized in their efforts to steal money from individuals, don't need to write viruses for mobile phones."
Dan Ilett of Silicon.com reported from London.