We have already seen a file infector working on smartphones (see WinCE.Duts.A) and a worm that could spread by infecting storage cards (see WinCE.Infomeiti). Now, we have the first polymorphic worm (although some refer to it as a companion virus) that affects smartphones running Windows CE platform on ARM processors—it is known as WinCE.Pmcryptic.A. It spreads by generating new polymorphic copies of itself each time, and can cause a severe nuisance on a compromised phone (including unwanted phone calls to toll numbers).
After analyzing the sample, we discovered it contained many interesting payloads. So, we executed it on a test...
There’s nothing like coffee one-upmanship to make the blood boil. “You’re still drinking lattes? With actual milk from a cow? Good grief, where have you been?” Nowadays though, it seems that coffee one-upmanship is no longer enough to secure the seemingly coveted “hippest person in the café” crown. Now that portable devices are actually portable, cafés and other public spaces seem to be prime territory for people keen to show off their technological gadgetry.
I’ve been keeping an eye out during my recent café trips – doppio, natch – and usually around half of the customers are tapping away on notebooks, ultra-portables and tablet devices. This is, admittedly, in tech-enamored Tokyo, but the use of truly portable and network-capable machines is clearly going to increase as specs go up and costs come down. Cafés are finding that free Wi-Fi access is now expected by their gizmo-toting customers.
Reports started appearing on Saturday regarding the existence of malicious packages for the Apple iPhone. A package called "iPhone firmware 1.1.3 prep", which was described as “An important system update. Install this before updating to the new 1.1.3 firmware.” was reportedly causing problems for iPhone users once uninstalled.
According to various reports, installing the package doesn't have much effect on the iPhone. However, uninstalling it may cause problems, as the malicious package overwrites some other applications during the install. Some of the applications it overwrites are "Erica's Utilities" (a collection of command-line utilities for the iPhone) and OpenSSH. If the user chooses to uninstall the bogus package, these applications will also be removed. Affected users will need to reinstall these applications.
This is technically the first Trojan horse seen for the iPhone, however it does appear to be more of a prank than...
