1. /
  2. Security Response/
  3. SymbOS.Commwarrior.B

SymbOS.Commwarrior.B

Risk Level 1: Very Low

Discovered:
March 7, 2005
Updated:
February 13, 2007 12:34:59 PM
Also Known As:
SymbOS/Commwarrior.b!sys [McAf
Type:
Worm
Systems Affected:
EPOC

SymbOS.Commwarrior.B is a worm that replicates on the Symbian OS, which is used as the operating system for Nokia Series 60 cellular telephones. It attempts to spread using Multimedia Messaging Service (MMS) and Bluetooth as a randomly named .sis file. If it is the first hour of the 14th of any month, the threat resets the device.

Note: Virus definitions released March 8, 2005 may detect this threat as SymbOS.Commwarrior.A.



Symantec recommends the following to protect against this threat:
  • If Bluetooth is not required, it should be turned off.
  • If you require the use of Bluetooth, ensure that the device's visibility setting is set to "Hidden" so that it can not be scanned by other Bluetooth devices.
  • Avoid use of device pairing. If it must be used, ensure that all paired devices are set to "Unauthorized". This requires each connection request to be authorized by the user.
  • Do not accept unsigned applications (no digital signature) or applications sent from unknown sources. Be absolutely sure of the origin of the application before accepting it.

Symantec offers a security solution for Symbian known as Symantec Client Security for Nokia Communicators. This product can be downloaded via the Nokia 9500/9300 web browser or from a PC. Symantec will never send unsolicited messages regarding one of our products. For additional information please see http://www.symantec.com/smallbiz/nok.

Antivirus Protection Dates

  • Initial Rapid Release version March 9, 2005
  • Latest Rapid Release version February 19, 2013 revision 016
  • Initial Daily Certified version March 9, 2005
  • Latest Daily Certified version April 21, 2012 revision 017
  • Initial Weekly Certified release date March 9, 2005
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy

Damage

  • Damage Level: Low

Distribution

  • Distribution Level: Medium
Writeup By: Eric Chien, Peter Ferrie

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver