1. /
  2. Security Response/
  3. SymbOS.Commwarrior.A

SymbOS.Commwarrior.A

Risk Level 1: Very Low

Discovered:
March 7, 2005
Updated:
February 13, 2007 12:34:51 PM
Also Known As:
Commwarrior.A [F-Secure], SymbOS/Commwarrior.a [McAfee], SYMBOS_COMWAR.A [Trend Micro]
Type:
Worm
Systems Affected:
EPOC

SymbOS.Commwarrior.A is a worm that replicates on Series 60 phones. It attempts to spread using Multimedia Messaging Service (MMS) and Bluetooth as a randomly named .sis file. If it is the first hour of the 14th of any month, the threat resets the device.



Symantec recommends the following to protect against this threat:
  • If Bluetooth is not required, it should be turned off.
  • If you require the use of Bluetooth, ensure that the device's visibility setting is set to "Hidden" so that it can not be scanned by other Bluetooth devices.
  • Avoid use of device pairing. If it must be used, ensure that all paired devices are set to "Unauthorized". This requires each connection request to be authorized by the user.
  • Do not accept unsigned applications (no digital signature) or applications sent from unknown sources. Be absolutely sure of the origin of the application before accepting it.

Symantec offers a security solution for Symbian known as Symantec Client Security for Nokia Communicators. This product can be downloaded via the Nokia 9500/9300 web browser or from a PC. Symantec will never send unsolicited messages regarding one of our products. For additional information please see http://www.symantec.com/smallbiz/nok.

Antivirus Protection Dates

  • Initial Rapid Release version March 8, 2005
  • Latest Rapid Release version September 28, 2010 revision 054
  • Initial Daily Certified version March 8, 2005
  • Latest Daily Certified version September 28, 2010 revision 036
  • Initial Weekly Certified release date March 9, 2005
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy

Damage

  • Damage Level: Low

Distribution

  • Distribution Level: Medium
Writeup By: Frederic Perriot, Peter Ferrie

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report, Volume 17
Symantec DeepSight Screensaver