||||
Symantec.com > Security Response > Threats and Risks > SymbOS.Commwarrior.B
PRINT THIS PAGE

SymbOS.Commwarrior.B

Risk Level 1: Very Low

Printer Friendly Page

Discovered: March 7, 2005
Updated: February 13, 2007 12:34:59 PM
Also Known As: SymbOS/Commwarrior.b!sys [McAf
Type: Worm
Systems Affected: EPOC


SymbOS.Commwarrior.B is a worm that replicates on the Symbian OS, which is used as the operating system for Nokia Series 60 cellular telephones. It attempts to spread using Multimedia Messaging Service (MMS) and Bluetooth as a randomly named .sis file. If it is the first hour of the 14th of any month, the threat resets the device.

Note: Virus definitions released March 8, 2005 may detect this threat as SymbOS.Commwarrior.A.



Symantec recommends the following to protect against this threat:
  • If Bluetooth is not required, it should be turned off.
  • If you require the use of Bluetooth, ensure that the device's visibility setting is set to "Hidden" so that it can not be scanned by other Bluetooth devices.
  • Avoid use of device pairing. If it must be used, ensure that all paired devices are set to "Unauthorized". This requires each connection request to be authorized by the user.
  • Do not accept unsigned applications (no digital signature) or applications sent from unknown sources. Be absolutely sure of the origin of the application before accepting it.

Symantec offers a security solution for Symbian known as Symantec Client Security for Nokia Communicators. This product can be downloaded via the Nokia 9500/9300 web browser or from a PC. Symantec will never send unsolicited messages regarding one of our products. For additional information please see http://www.symantec.com/smallbiz/nok.

Protection

  • Initial Rapid Release version March 9, 2005
  • Latest Rapid Release version October 22, 2009 revision 022
  • Initial Daily Certified version March 9, 2005
  • Latest Daily Certified version October 22, 2009 revision 023
  • Initial Weekly Certified release date March 9, 2005

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy

Damage

  • Damage Level: Low

Distribution

  • Distribution Level: Medium

Writeup By: Eric Chien, Peter Ferrie
Search by name
Example: W32.Beagle.AG@mm
Limited Time Offers! Save up to 50%
Windows Vista Security
©1995 - 2009 Symantec Corporation
Site Map|
Legal Notices|
Privacy Policy|
|
Contact Us|
Global Sites|
License Agreements|
RSS