The source code for the most prevalent worm targeting mobile phones has been made public, security firms announced Wednesday, a dangerous disclosure that may lead to more effective attacks.
Cabir, which first appeared in June, uses Bluetooth to infect smart phones running the Symbian operating system. Disguised as a security utility, Cabir itself doesn't do any permanent damage, but it has been used to deliver other malicious codes, such as the Skulls Trojan horse, to phones. The worm has been detected in several countries, including China, India, Turkey, the Philippines, and Finland, and spreads as people travel with infected phones.
According to several anti-virus vendors, the source code for the Cabir worm is out and in the hands of those beyond the immediate circle of "29A," the Russian hacker gang thought responsible for originally creating the worm.
"As far as we know, until now the Cabir source code was accessible only to a limited number of people, including members of 29A," said Alecks Gostev, a senior virus analyst at Kaspersky Labs in an e-mail. "We think it was planned to publish the source code in the next edition of the group's electronic journal. [But] it looks like someone has already got access to the code, and now it's public.
"This will lead to a lot of new versions of Cabir," he added.
U.K.-based Sophos had a different take on the Cabir source code. The code, which Sophos has spotted on a Brazilian hacker's Web site, is not from 29A, but that used to create Cabir.h. and Cabir.i, the two most recent variations. According to Sophos, the Brazilian claims to have written the worms from scratch, then posted his own source code.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
There are many network courses that can address your present job's priorities and help you gain the needed skills to keep pace with industry changes and new technologies.
