Tuesday, February 28, 2006

MARA Discovers First PC to Handheld Crossover Malware

MARA Discovers First PC to Handheld Crossover Malware

This was the tittle of a news published recently in AximSite. I would like to reproduce here a fragment (italics) of that news:

Originally Posted by hnelson59
The crossover virus was written in C# (C Sharp) using Visual Studio .NET 2003, and the Communications Library of openNETCF.org.

What a lame!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
The communication library of opennetcf.org is super but it's 48kb. On top of that the virus needs two files at least: the executable and that library to work. Analyzing all this info provided by MARA, I could recreate the whole process with just one EXE and with a lot less KBs. A proof of that is that in my latest Tweaks2k2 PC Edition I decided not to use the OpenNETCF dll and stay with just one EXE.
But again... these kind of viruses are for stupid guys. There is not need for any antivirus to be safe against these kinds of viruses. Just use a common sense every time you receive an attachment and you will be completely safe. Just remember one thing. Your PPC is slow and it will run slower if you have an AV installed on it checking for these "viruses for Stupid guys".

How these Virus Creators work?
1- they create virus looking for fame
2- fame comes with a huge number of Computers, PPCs or SPs or Phone damages
3- No Huge damage, no fame, so why to create a virus?

Now, if you understand my 3 above mentioned points it's easy to understand why the PPC and SP worlds are not yet attractive grounds for viruses creators.
1- it's almost impossible at this point to create a virus capable of self-infecting PCs and PPC and SP at the same time. To write a virus capable of replicating (infecting PCs without the need of human intervention) you need a more powerful language than .NET.
2- If you create that kind of virus then you will find that it wont run CE because it was not compiled for this OS.
3- if you can create a virus that can infect PCs by itself you need to create a worm and send it by email. What is the possibility of your email reaching a stupid guy that opens it? On top of that, what is the probability of that that stupid guy has a Pocket PC or SP. This cut the whole % of success to very tiny amount. And remember what I say, fame comes with a huge amount of casualties. No casualties no fame, then why I should spend my time in writing something that difficult.

Knowing how hard is to write that kind of virus capable of reaching a huge amount of victims and how low is the probability of finding a Stupid guy owning a Pocket PC (to own a PPC you need money and you need to be a geek) I wont bother at all to spend even a minute into that idea.


Post a Comment

<< Home