
Seminar on

Cell phone Virus and Security

By Mohit Khanna
Roll no 31
Cs-8th sem
Content
• Introduction
• Ways of Exploiting Devices
• Threats
• Types of virus
• Common Protection
• Removal of Virus
• References
Brief Introduction
Virus - a program that copies itself by infecting other running programs

Trojan - causes malicious activity and cannot replicate

Worm - has the ability to spread on its own to the computers on the network
Ways of Exploiting Devices
1) Attacks exploiting software vulnerabilities - Network Attack

2) Social engineering based attacks
Threats
Cause financial loss to the user.
- Unknown calls made, SMS sent.
- Loss of confidentiality of data stored on the phone.
Excessive Bluetooth usage.
- Continuous scanning, spreading via Bluetooth.
Make the phone unusable.
- Devices crash frequently or run extremely slowly.
- Infect system files, so some applications do not work.
Data loss
- Delete address book entries.
Miscellaneous
- Replace icons.
More Threats

1) Location tracking

2) Accessing secret and confidential information

3) Loss of security.
Different Type of Virus
1. Cabir
2. CommWarrior
3. Skulls
4. Flexispy
5. 3396003964
6. Duts
7. Redbrowser
Cabir
• Detected June 2004.
• First network worm capable of spreading through Bluetooth.
• Caribe.sis: worm as a system file.
• Continuous scanning for mobile devices using Bluetooth.
• Causes battery drainage.
CommWarrior
• Network worm capable of propagating via MMS and also Bluetooth. Discovered in 2005.
• Worm searches for "active" Bluetooth devices.
• When one is found, it sends the infected .sis file when the receiver agrees.
• Also sends the infected file to all contacts in the address book.
• Financial harm to the user and battery drainage.
Image from M. Hypponen [1]
Skuller
• Another series of Trojan horses.
• Replaces the phone desktop items with an image of a skull.
• Overwrites any files, including system files, so the system becomes unstable.
• The .aif files are malicious.
• Once a mobile has been infected it can only be used to make calls; SMS, MMS, camera etc. will not work.
Flexispy
• Discovered in March 2006.
• Records both voice call and SMS information.
• Flexispy.A is installed in a standard SIS package.
• After installation the application immediately goes into hiding and locks its files so that the application uninstaller cannot remove it.
3396003964
• It has the name Hati hati SMS virus.
• It keeps sending SMS to the number 3396003964 every 3 seconds.
• You always receive SMS (from your friends) late.
• It keeps your network connection busy; when other people call you, they can't reach you.
• A fully charged phone doesn't last more than 30 minutes.
Duts
• A parasitic file infector virus.
• Duts is a 1520-byte-long program.
• The virus asks for permission to infect.
• Infects all EXE files in the current directory.
• The virus body is appended to the file and the last section is made readable and executable.
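A defender-side check for the trait in the last bullet, as an added example that is not part of the original slides: it parses a PE section table and flags files whose final section is mapped readable and executable, which is unusual because the last section normally holds data such as resources or relocations. The function names and the sample headers are constructed for illustration; a hit is a reason to inspect the file, not a verdict.

```python
import struct

IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000

def pe_sections(data):
    """Return [(name, characteristics), ...] from a PE file's section table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # COFF header: Machine, NumberOfSections, three dwords,
    # SizeOfOptionalHeader, Characteristics (20 bytes in total).
    try:
        fields = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    except struct.error:
        raise ValueError("truncated COFF header")
    count, opt_size = fields[1], fields[5]
    table = e_lfanew + 4 + 20 + opt_size
    sections = []
    for i in range(count):
        off = table + 40 * i          # each section header is 40 bytes
        if off + 40 > len(data):
            raise ValueError("truncated section table")
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        (flags,) = struct.unpack_from("<I", data, off + 36)
        sections.append((name, flags))
    return sections

def last_section_executable(data):
    """Heuristic: True when the final section is readable and executable."""
    sections = pe_sections(data)
    if len(sections) < 2:             # a lone section is the code section
        return False
    want = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
    return (sections[-1][1] & want) == want

def build_sample_pe(sections):
    """Constructed sample: headers only, no section data, ARM machine type."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x01C0, len(sections), 0, 0, 0, 0, 0x0102)
    table = b"".join(name.ljust(8, b"\0") + b"\0" * 28 + struct.pack("<I", flags)
                     for name, flags in sections)
    return dos + b"PE\0\0" + coff + table

if __name__ == "__main__":
    clean = build_sample_pe([(b".text", 0x60000020), (b".rsrc", 0x40000040)])
    odd = build_sample_pe([(b".text", 0x60000020), (b".rsrc", 0x60000040)])
    print(last_section_executable(clean), last_section_executable(odd))
```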
RedBrowser
• Sends SMS messages to a specific number in Russia.
• If the user chooses the pass option, Redbrowser.A starts a continuous flood of SMS messages with a cost of $5.
• The claim of a free service is a form of social engineering.
• Limits the Trojan only to Russian-speaking countries.
Common protection against malware
1) Non-discoverable mode

2) Install antivirus.

3) Avoid untrusted sites & software.

4) Firmware updates.

5) Firewall protection
Antivirus Available
• F-Secure
• Kaspersky
• Eset Mobile Antivirus
• McAfee
• Stopzilla
• Symantec
Remove viruses
1. Remove 3396003964 - Download the little program called Fexplorer. Once installed, look for the folder 'Guardian' in the system folders in C:\ and DELETE IT.

2. Remove Flexispy - Download F-Secure Mobile Anti-Virus. Scan the phone and remove any components of the malware.

3. Remove Cabir and CommWarrior - Install a file manager and delete the files:
c:\system\apps\commwarrior\commwarrior.exe
c:\system\apps\commwarrior\commrec.mdl
c:\system\smybiansecuredata\caribesecuritymanager
REFERENCES
[1] Hypponen, M. Malware goes mobile. Scientific American 295, 5 (Nov 2006)
[2] F-Secure. F-Secure Virus Information: http://www.f-secure.com/v-descs/cabir.shtml
[3] F-Secure. F-Secure Virus Information: http://www.f-secure.com/vdescs/commwarrior.shtml
[4] A. Gostev, Kaspersky Labs (Oct 2006). Mobile Malware Evolution: http://www.viruslist/en/analysis
[5] http://images.google.co.in
THANK YOU
QUESTION AND ANSWER
