CommWarrior mobile virus hits UK

F-Secure has reported the first sighting of CommWarrior in the UK, after a holidaymaker managed to get their phone infected while sailing in the Mediterranean

The United Kingdom has become the fifteenth country to be witness an infection by the CommWarrior mobile phone virus, security experts claimed on Tuesday.

According to security firm F-Secure, a British citizen's mobile phone fell victim to the CommWarrior virus during a holiday earlier this year. The unsuspecting holidaymaker returned home, and only discovered the infection some weeks later.

"The user actually got infected while sailing in the Mediterranean," said Patrick Runald, senior antivirus consultant. "She repeatedly said no to accepting the message, but it kept trying so eventually she accepted it."

CommWarrior targets mobile phones that use the Symbian Series 60 operating system, and spreads either over Bluetooth or as an MMS. The user infected in the Mediterranean was infected over Bluetooth, presumably by another infected user nearby.

Between 0800 and 0000, a phone infected with CommWarrior will attempt to spread the infection to other phones over Bluetooth. Between 0000 and 0700 the virus sends itself by MMS to contacts in the phone's address book, and between 0700 and 0800 it attempts to delete evidence of its activity.

According to Runald, the infection was only discovered when user spotted that her mobile credit was going down unexpectedly fast, due to the MMS activity. Various friends had also contacted her after receiving an MMS from her.

CommWarrior is more serious than other mobile phone viruses, such as Cabir, because its MMS propagation can hurt a user financially. But — like all mobile phone viruses to date — it relies on a user agreeing to run malicious code.

"No mobile phone viruses have broken the security protection. They all rely totally on user action," said Runald.

While this is the first reported CommWarrior infection in the UK, it's likely that other UK citizens have been sent the virus before, even if they didn't run it, as the MMS propagation method allows CommWarrior to rapidly spread worldwide.