New Palm virus detected

From...

The "Phage" virus spreads by replicating itself

by Terho Uimonen

(IDG) -- Owners of PalmOS-based devices beware: Researchers at an antivirus software company have discovered a new virus carrying a destructive load that can infect PalmOS applications and replicate itself.

The destructive nature of the PalmOS virus distinguishes it from the recent "Liberty Crack" Trojan horse program that also was designed for the Palm platform, antivirus software vendor Network Associates said in a statement Friday. In this case, the virus can spread from one Palm to another if infected files are shared.

However, as the virus has not yet been found outside controlled environments, the researchers at the company's McAfee Avert unit have given it a low risk assessment, the statement said.

When executed, the virus fills the screen of a PalmOS-based device with a dark gray box and terminates the application that is running and then replicates itself to other applications, according to the statement.

MORE COMPUTING INTELLIGENCE

IDG.net home page

Download free software from PCWorld.com

ITWorld.com: The IT Problem-Solving Network

TechInformer: The Thinking Internaut's Guide to the Tech Industry

E-BusinessWorld

Reviews & in-depth info at IDG.net

Virus developer has regrets

Palm-virus prevention in the works

Questions about computers? Let IDG.net's editors help you

Personal computing news and reviews from IDG.net

Search IDG.net in 12 languages

News Radio

Fusion audio primers

Computerworld Minute

Computer security firm F-Secure Corp. also released a statement Friday claiming to have posted a free fix for the new virus on its Web site.

"As the first real virus on any PDA platform, this is an important milestone in computer virus history," said Mikko Hypponen in the statement.

F-Secure also wrote that the virus -- referred to as "Phage" -- can affect a variety of PDA devices manufactured by Palm, Handspring, IBM, TRG, and Symbol Technologies.

A user gets infected when Phage spreads from one Palm to another if infected files are shared via beaming or installed at a docking station.

"Since the virus can also spread through wireless data transfer from one Palm device to another, it is important for users to be very cautious when downloading applications -- think about where you are downloading from," the statement reads.

Users may restore infected PalmOS-based devices using the HotSync manager by setting all HotSync conduits to "Desktop overwrites Handheld" and HotSyncing with the Palm desktop, the statement adds. The virus may also be deleted from the PalmOS device manually.

However, the default settings for a Palm backup do not include applications, so that unless the user has changed the settings the applications will not have been backed up, F-Secure officials wrote. If this is the case, the user will need to reinstall the applications in addition to doing the HotSync.

Palm gets hit with first Trojan horse
August 29, 2000
Virus threat spreads to wireless
June 14, 2000
Can viruses be used for good instead of evil?
September 15, 2000
Wireless technology presents new security challenges
September 7, 2000
Messages can freeze popular Nokia phones
September 1, 2000

Symantec previews Palm anti-virus product
(IDG.net)
Palm gets first Trojan horse
(IDG.net)
Palm-virus prevention in the works
(IDG.net)
Network Associates upgrades intrusion detection software suite
(NW Fusion)
Virus developer has regrets
(ComputerWorld)
McAfee offers virus scan for Lotus Notes, Domino
(IDG.net)
Security hole found in Network Associates firewall
(ComputerWorld)
U.S. government invests $11 million in security
(InfoWorld)

Information on the virus
Network Associates
F-Secure

Note: Pages will open in a new browser window

External sites are not endorsed by CNN Interactive.