How cell phones get hacked.

Answers to your questions about the news.
Feb. 23 2005 5:13 PM

Can Your Phone Get a Virus?

How cell phones get hacked.

A cell phone virus turned up at an electronics store in Santa Monica earlier this week. One of the phones in the store had been infected with "Cabir," a somewhat malicious piece of code that drains batteries and propagates itself via wireless connections. How does Cabir work?

It jumps from phone to phone using short-range networks. Many cell phones use the Bluetooth standard to link up with nearby devices without a cable. You can use Bluetooth to send photos to your printer, to update the address book on your laptop, or to use a wireless headset. And if you're within about 30 feet of someone's cell phone, you can also use Bluetooth to send a virus.

Daniel Engber Daniel Engber

Daniel Engber is a columnist for Slate

Advertisement

Cabir doesn't work exactly like most computer viruses or worms; it's a stand-alone program that must be installed (unwittingly) by each cell phone user. Only Bluetooth-enabled phones can be victimized and then only if the phone happens to be one that uses the Symbian Series 60 platform.

If you get infected with Cabir, you've earned it. First you have to be operating in "discoverable" mode, which makes your phone visible to other Bluetooth devices in the area. If an infected phone tries to infect yours, a note will appear asking you to accept a message from a device you may not recognize. If you do, another dialog box will ask if you really want to install an unverified program. Click "accept" again and you'll get a third dialog box that says, "Install caribe?" One more click and you've got the virus.

Cabir (first named "Caribe-VZ/29a" by its designer, "Vallez") will then attempt to transmit itself to the first Bluetooth-enabled device it finds. This could be the cell phone of someone standing nearby, or it could be your wireless mouse, keyboard, or printer. The infection will spread only if Cabir finds another cell phone, and then only if that phone's user accepts the message.

The virus latches onto the first device it finds and attempts to infect it over and over again. This monopolizes your Bluetooth network and drains the battery but otherwise has little effect on the operation of your phone. Cabir is not particularly virulent; the device it chooses may be one that's not vulnerable to infection (like a printer), or the device might quickly move out of range.

There are other ways to attack a Bluetooth phone. The most benign—bluejacking—allows a stranger to send you a message that's up to 248 characters long without permission. But bluesnarfing exploits security holes in certain phone models to obtain personal information from your phone, while bluebugging lets a hacker execute files on your phone.

In theory, phone viruses could propagate over the wide-ranging cellular networks themselves, rather than using 30-foot Bluetooth networks. But the cellular networks only transmit information between specific, "trusted" devices, and these simple communications are relatively easy to secure. Bluetooth has so many applications—and so many underlying pieces of software—that securing all of them can prove difficult. A determined hacker can even use a special antenna to extend the range of a Bluetooth network to a mile or more.

Bonus Explainer: Paris Hilton's T-Mobile Sidekick was not infected with a virus, nor was it bluejacked, bluesnarfed, or bluebugged. Her address book, notes, and naked photos were swiped directly from the central T-Mobile servers.

TODAY IN SLATE

Politics

Smash and Grab

Will competitive Senate contests in Kansas and South Dakota lead to more late-breaking races in future elections?

Stop Panicking. America Is Now in Very Good Shape to Respond to the Ebola Crisis.

The 2014 Kansas City Royals Show the Value of Building a Mediocre Baseball Team

The GOP Won’t Win Any Black Votes With Its New “Willie Horton” Ad

Sleater-Kinney Was Once America’s Best Rock Band

Can it be again?

Technocracy

Forget Oculus Rift

This $25 cardboard box turns your phone into an incredibly fun virtual reality experience.

One of Putin’s Favorite Oligarchs Wants to Start an Orthodox Christian Fox News

These Companies in Japan Are More Than 1,000 Years Old

Trending News Channel
Oct. 20 2014 6:17 PM Watch Flashes of Lightning Created in a Lab  
  News & Politics
Politics
Oct. 20 2014 8:14 PM You Should Be Optimistic About Ebola Don’t panic. Here are all the signs that the U.S. is containing the disease.
  Business
Moneybox
Oct. 20 2014 7:23 PM Chipotle’s Magical Burrito Empire Keeps Growing, Might Be Slowing
  Life
Outward
Oct. 20 2014 3:16 PM The Catholic Church Is Changing, and Celibate Gays Are Leading the Way
  Double X
The XX Factor
Oct. 20 2014 6:17 PM I Am 25. I Don't Work at Facebook. My Doctors Want Me to Freeze My Eggs.
  Slate Plus
Tv Club
Oct. 20 2014 7:15 AM The Slate Doctor Who Podcast: Episode 9 A spoiler-filled discussion of "Flatline."
  Arts
Brow Beat
Oct. 20 2014 9:13 PM The Smart, Talented, and Utterly Hilarious Leslie Jones Is SNL’s Newest Cast Member
  Technology
Technocracy
Oct. 20 2014 11:36 PM Forget Oculus Rift This $25 cardboard box turns your phone into an incredibly fun virtual-reality experience.
  Health & Science
Medical Examiner
Oct. 20 2014 11:46 AM Is Anybody Watching My Do-Gooding? The difference between being a hero and being an altruist.
  Sports
Sports Nut
Oct. 20 2014 5:09 PM Keepaway, on Three. Ready—Break! On his record-breaking touchdown pass, Peyton Manning couldn’t even leave the celebration to chance.