Palm hit by Trojan horse

A Trojan horse posing as a warez program for the Game Boy emulator Liberty, can delete programs on the Palm

The carefree days for the Palm handheld are over. A Trojan horse -- a program that poses as a beneficial application, yet does something completely different -- is making its way through the underground circles of Palm users.

The program, which appears to be a "crack" for the Game Boy emulator Liberty 1.1 is, in reality, a testing utility created by Swedish Palm developer and University of Gävle lecturer Aaron Ardiri.

Ardiri created the program to initialise a Palm device to a "messy" state, which he said was equivalent to what would happen after several years' use.

"I was writing a new program for the Palm, called Sweeper, that will find old databases and preferences and clean them up," he said in a phone interview from Sweden. "I use this software to set up a new environment."

That's a euphemism for deletion. The program deletes all programs from any Palm device on which it is installed. While an "infected" Palm can be reset and the programs and data resynchronised from a PC, some data could be lost.

According to Palm spokeswoman Julia Rodriguez, the company is unaware of any case of a user's data being deleted by the Trojan horse. But the company is working with its partners to add better security to combat such incidents in the future, she said.

How the program was released to the public is a point of some contention. According to Ardiri, who has done some research on how to prevent his programs from being "cracked", one of the handful of people he gave the test program to must have distributed it.

"The problem is that I trusted others not to distribute this," he said. "There were four or five people that I gave it to... The real truth is that I never released this program."

Other, mostly anonymous, posters on PalmStation.com, are blaming Ardiri for releasing the program himself to get back at a community that distributed hacked versions of his applications. Ardiri was a cocreator of the Liberty emulation program.

Cracking applications, known as warez, have been the bane of many software developers. "Scum like you belong in the piranha tank," flamed one anonymous poster.

Yet Ardiri stressed that his anti-cracking research is entirely aimed at creating programs that are harder to crack, not ways to punish software pirates. He said he is talking with anti-virus software maker McAfee.com to release a program to search for and delete the "test" utility, even if it is renamed.

"What should really come out of this is a bit of user awareness," he said. That's especially true because personal digital assistants have little security.

"All of the existing Palm platforms are insecure," said Carey Nachenberg, chief researcher for Symantec's Antivirus Research Centre. "The operating systems are akin to DOS on the PC."

Palms are not alone, he said. All PDAs are insecure since "they are running on processors that do not support security features."

While the Palm's lack of security has appalled many security specialists, most users are generally not worried about losing their data, in part because it is so easy to create a backup by synchronising the device.

Symantec announced June that it is creating antivirus software for the Palm platform.

"There are a lot of possibilities for spreading viruses on a PDA," said Nachenberg. "And it will become more of a problem as these devices become more and more connected."

Take me to Hackers

Take me to the Virus Workshop

What do you think? Tell the Mailroom. And read what others have said.