The mobile threat

I’m sent more and more press releases about antivirus products for smartphones, the two most recent being from Norton and Kaspersky, both of which announced products that run on Symbian and Windows Mobile phones. But do we actually need antivirus software on our phones? Any such product is pretty much guaranteed to slow the device down, shorten its battery life and eat into the available memory. Are mobile viruses currently a real threat?

The mobile threat

I asked both Symantec (purveyor of said Norton software) and Kaspersky what information they had about Symbian and Windows Mobile viruses that are active “in the wild”, that last phrase being crucially important. I’m always a bit sceptical when antivirus vendors proclaim silly numbers for detection statistics, because the vast majority of the viruses known about today have been created in the lab (often by the antivirus vendors themselves) and have never appeared outside of this artificial environment. I wish the companies concerned (not just Symantec and Kaspersky – they’re all at it!) would promote their products on the basis of how they deal with real-world rather then theoretical threats.

But back to the mobile products. Symantec was the first to reply to my request, and its spokesperson said: “Since June /July 2004, Symantec has detected, monitored and observed over 300 unique instances of mobile malware threats, some of which have been recorded in the wild. Ninety-eight per cent of these have occurred on the Symbian platform, meaning over 300-340 viruses have been written for the Symbian platform. Only 1% have occurred on the Windows Mobile and Java platforms. In particular, we have detected variations of the Cabir and Commwarrior worms spreading wirelessly in the ‘wild’. Thirty-one unique instances of Cabir and 18 unique instances of Commwarrior have occurred across these mobile platforms.

“It’s definitely true to say that these can propagate wirelessly, specifically via Bluetooth. However, the initial seeding of these threats was that they were downloaded by users thinking they were useful apps/games and then copied over and installed onto their phones. Once on the phones, these threats would attempt to spread wirelessly to other phones.

“We have seen bursts of activity across Windows, Java and Symbian platforms since 2004; however, there has been a significant slowdown in mobile threats in the wild since June 2007. The reason for this pattern change is due to the release of Symbian version 9.1. With this latest version, files that wish to perform important actions on the device (eg, deleting files) have to be signed, through a “Symbian Signed” process, before releasing, therefore making it much harder for cybercriminals to infect the mobile platform.

“For the moment, it is likely that malware writers have moved to ‘greener’ pastures where they have a better effort/reward ratio. Nevertheless, we do anticipate seeing a rise again in mobile virus activity as the mobile consumer and business markets continue to boom.”

Hmmm… I don’t know about you, but what that says to me is that right now, unless you happen to be running an elderly Symbian phone, you don’t have an awful lot to worry about. I’m not saying this won’t change at some point in the future – it almost certainly will – but I’m not convinced that right now is the time to install antivirus software on your phone. Maybe Kaspersky can convince me otherwise.

This is what Sergey Nevstruev, the company’s business development manager told me: “Antivirus companies all over the world have already detected hundreds of different malware modifications for smartphones. Of course, not all of them are circulating widely, although there are several that have already caused localised epidemics.

Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.

Todays Highlights
How to See Google Search History
how to download photos from google photos