19 July 2004 The first ever virus targetting Microsoft’s PocketPC handheld operating system has been released by the 29a virus writing group, the same group that was responsible for June’s Symbian mobile phone virus, called Cabir.
Called ‘Duts’, the virus has not been released into the wild, but was intended as an academic ‘proof of concept’ exercise to demonstrate that PocketPC, like Symbian, contains security flaws that render it vulnerable to viruses and worms.
“Duts is a proof-of-concept malicious program; it demonstrates that Windows Mobile is vulnerable to infection. Our tests show that the virus can effectively propagate in such an environment,” said Eugene Kaspersky, head of antivirus research at Kaspersky Labs.
Duts is a classic parasitic virus. It penetrates is propagated among handheld devices via email or the Internet, through removable memory, by synchronisation with a PC or via Bluetooth technology.
Once the infected file is launched, the following dialogue box is displayed: “Dear User, am I allowed to spread?” Should the user click ‘yes’, the Duts virus then spreads through executable files located in the root directory of a PocketPC.
Kaspersky does not, however, see the virus as a major threat: it cannot propagate independently, only infects a limited number of files, and notifies the user of its presence when attempting to spread.