Finnish company F-Secure, the leading supplier of Internet security software, announced the discovery of the first in history SMS Worm that infects cell phones.
The description of the harmful software called Sexy View appeared in the quarterly report F-Secure IT Security Threat Summary. This document contains information on the most widespread threats faced by PC users and owners of mobile devices. The indisputable leader of the original "charts" is the notorious worm Conficker (also known as Downadup, Kido). However it is possible to find information on the appearance of a new type of dangerous applications in one of the report sections.
The Experts claim that Sexy View (similar to virus Koobface spread between the clients of the social network Facebook) sends itself to all users listed in the address book of the infected device. The application sends a short text message to each recipient in the address book proposing to have a look at the “hot” photos and the URL-address of the corresponding website. The recipient, who does not suspect anything (as the message is coming from someone he knows) goes to the suggested website, where he is asked to install a certain application in order to be able to view the images. By agreeing to install this application, the user himself becomes a victim of this harmful program and provides his own list of contacts to the dangerous worm. Sexy View also sends data about all the infected cellular telephones to its owner who can then take advantage of the collected information for SMS spam dispatch.
«Sexy View deserves close attention for a number of reasons, - states Mikko Hypponen, the head of the research department at F-Secure, – First, we have never before encountered this method of distribution of dangerous programs. Secondly, this worm is currently the only one capable of bypassing the mechanisms for signature verification, which are used by all the new models of smart phones. Finally, timely development of effective protective measures will give the software producers an advantage in the struggle with mobile spam which is currently a rather serious problem in some countries ».
The full text of the report can be found on F-Secure website.