When WinCE4/Dust hit the road back in 2004, its author decorateds thjis proof-of-coincept virus with the following words(before sending it out to a few AntiVirus vendors):
This code arose from the dust of Permutation City
This is proof of concept code. Also, i wanted to make avers happy.
The situation when Pocket PC antiviruses detect only EICAR file had to end …
However, McAfee now reports about a new “virus” called InfoJack. It has been distributed in a bundle of (probably pirated) applications. McAfee claims that this self-updating application currently has the following features:
- installing as an autorun program on the memory card
- installing itself to the phone when an infected memory card is inserted
- protecting itself from deletion, copying itself back to disk
- replaces the browser’s home page
- allows unsigned applications to install without warning
Additonally, it sends some data about the phone back to its “owner”.
While this tiny-teeny virus is harmless, it nevertheless shows that Windows Mobile is perfectly vulnerable to virii. This will not only generate loads of revenue from AV vendors, but also clearly shows that piracy is dangerous.
Please don’t get me wrong - I am not supporting the criminal works of virus writers in any way. However, more virii definitely leads to more wannabe pirates burning their hands and stopping to do pirated apps - something that developers will definitely appreciate!
