OSNews: http://www.osnews.com/story/24456/Spyware_Compromises_150000_Symbian_Devices Exploring the Future of Computing en-us Copyright 2001-2013, David Adams adam+nospam@osnews.com Sun, 19 May 2013 08:36:14 GMT http://www.osnews.com/images/osnews.gif OSNews.com http://www.osnews.com Phones are easy to pwn http://www.osnews.com/thread?463780 http://www.osnews.com/thread?463780 "Other" phones are just as easy. No code signing. No sandboxing. Security Fail. Thu, 24 Feb 2011 01:57:00 GMT donotreply@osnews.com (sigzero) Comments Gee, and I just bought a symbian phone... http://www.osnews.com/thread?463785 http://www.osnews.com/thread?463785 I thought being unable to install applications would make it free from spyware. No such luck. Time to research vectors and defenses... Thu, 24 Feb 2011 02:31:00 GMT donotreply@osnews.com (Almafeta) Comments Be more specific http://www.osnews.com/thread?463800 http://www.osnews.com/thread?463800 What variant of Symbian are we talking about here? S40, S60, Symbian^3 (the latter two are closely related but not identical)? Trouble with Symbian is you can't just say Symbian and leave it at that. There are several branches of it. Thu, 24 Feb 2011 05:56:00 GMT donotreply@osnews.com (darknexus) Comments RE: Gee, and I just bought a symbian phone... http://www.osnews.com/thread?463803 http://www.osnews.com/thread?463803 You can install applications on symbian phones. In fact, it's the platform where you have most power in this area, atm.

I would also like to know more about this vulnerability. Did people voluntarily install anything ? Did they disable some security features ? If it's an app trusted and installed by the user, it's different than if it's a sneaky app which installs through the web browser without the user knowing.Edited 2011-02-24 07:33 UTC Thu, 24 Feb 2011 07:30:00 GMT donotreply@osnews.com (Neolander) Comments RE[2]: Gee, and I just bought a symbian phone... http://www.osnews.com/thread?463807 http://www.osnews.com/thread?463807
Did people voluntarily install anything ?
Yes, it seems to be the case. "The privacy stealers usually install the spyware on the phone or send MMS containing the spyware to users to lure them to click. " in the article, "According to NetQin, the cybercriminals usually install the spyware on the phone by sending an MMS containing the spyware to users to lure them to click." in http://www.securityweek.com/new-variants-old-symbian-mobile-spyware... .

So it is still the user's fault more than symbian's fault, but keeping the user safe from his own idiocy/flaws is becoming more and more a good security feature... Thu, 24 Feb 2011 08:13:00 GMT donotreply@osnews.com (Radio) Comments RE: Gee, and I just bought a symbian phone... http://www.osnews.com/thread?463829 http://www.osnews.com/thread?463829
I thought being unable to install applications would make it free from spyware. No such luck. Time to research vectors and defenses...


Wow, what Symbian version do you have? S40? I assure you, on Symbian smartphones, you most certainly can install apps. In fact, it was one of the first mobile platforms where this was possible and is still the most open one in terms of what you're allowed to do without hacking it. Thu, 24 Feb 2011 15:24:00 GMT donotreply@osnews.com (darknexus) Comments Welcome to a new world http://www.osnews.com/thread?463837 http://www.osnews.com/thread?463837
To stay safe, NetQin experts give the following tips in using your phone:
...
4. Install a trusted security application to protect your phone from security threats.

What a lovely world this will be for Symantec and their ilk! Thu, 24 Feb 2011 16:07:00 GMT donotreply@osnews.com (vodoomoth) Comments Symbian anti virus http://www.osnews.com/thread?463868 http://www.osnews.com/thread?463868 I know Anti-Virus is a swear word to some, but there is some long establish Anti-Virus solutions for Symbian.
Yes, it's not a silver bullet, but it sure helps.
Only thing is, Symbian anti virus solution providers...how long will they commit to these products on Symbian given uncertainty about it's future. Thu, 24 Feb 2011 19:42:00 GMT donotreply@osnews.com (fran) Comments RE[2]: Gee, and I just bought a symbian phone... http://www.osnews.com/thread?463893 http://www.osnews.com/thread?463893
Wow, what Symbian version do you have? S40? I assure you, on Symbian smartphones, you most certainly can install apps. In fact, it was one of the first mobile platforms where this was possible and is still the most open one in terms of what you're allowed to do without hacking it.


Most can, this one barely has enough storage to store a few dozen text messages. Fri, 25 Feb 2011 01:26:00 GMT donotreply@osnews.com (Almafeta) Comments just wondering http://www.osnews.com/thread?464124 http://www.osnews.com/thread?464124 Who is going to listen to 150,000+ devices?
I understand that the purpose of the exploit was "Once installed, the spyware will turn on the Conference Call feature of the device without users' awareness. When users are making phone calls, the spyware automatically adds itself to the call to monitor the conversation."

This is junk news spread by antivirus manufacturers to sell their mobile products. Sat, 26 Feb 2011 13:17:00 GMT donotreply@osnews.com (NotGoingDumb) Comments