CommWarrior is the first known
malware that spreads via both Bluetooth and Multimedia Messaging Service (MMS). It can also be downloaded from malicious web sites as an archive file named COMMWARRIOR.ZIP.
It affects phones running the Symbian S60 platform. Some phones affected by commWarrior include the following:
Nokia 3650, 3600, 3660, 3620
Nokia 6600, 6620
Nokia 7610, 7650
Once running in a device, CommWarrior searches for other phones with Bluetooth. Once a target phone is found, it sends a randomly named SIS file to the target.
The SIS file enters the target phone’s Inbox attached to a message. When the message is opened, it activates the SIS file and installs the following:
“$” representive of drive chosen by the user during installation (drive C for the phone’s default root…or drive E for the phone’s Multimedia Card).
Commwarrior.exe is executed immediately after installation. It copies the dropped components into the following paths:
It also drops a copy of the SIS installation package:
Commrec.mdl executes CommWarrior every time the phone is rebooted.
CommWarrior attempts to create and send out an MMS message with a copy of its SIS installer as attachment.
MMS messages spread by this malware may have the following Subjects and Messages:
Released now for , install it!
3DGame from me. It is FREE !
3DNow!(tm) emulator for *GAMES*.
Live3D driver with polyphonic virtual speakers!
*FREE* CheckDisk for SymbianOS released!MobiComm
Official Symbian desctop manager.
Real True Color display driver!
New Dr.Web for Symbian OS. Try it!
Free *SEX* software for you!
Happy Birthday! It is present for you!
Internet accelerator, SSL security update #7.
It is *EASY* to *CRACK* provider accounts!
MS-DOS emulator for SymbvianOS. Nokia series 60 only. Try it!
Matrix has you. Remove matrix!
Nokia RingtoneManager for all models.
PocketPC *REAL* emulator for Symbvian OS! Nokia only.
Porno images collection with nice viewer!
Save you battery and *MONEY*!
Security update #12
Significant security update. See www.symbian.com
Symbian security update
See security news at www.symbian.com
OS service pack #1 from Symbian inc.
Virtual SEX engine from Russian hackers!
Helps to *CRACK* WWW sites like hotmail.com
It contains the following strings in its codes:
CommWarrior v1.0 (c) 2005 by e10d0r
CommWarrior is freeware product. You may freely distribute it in it's original unmodified form.
Manual Virus Removal
To kill the running CommWarrior process:
1. Download a third party Application Manager or used the Application Manager that comes with the phone.
2. Locate the CommWarrior process in the list of running applications.
3. Choose and cancel or terminate the process.
To remove the dropped components:
1. Download a third party File Explorer.
2. Locate and delete the following files:
where “$” stand for a drive chosen by the user during installation (drive C for the phone’s default root…or drive E for the phone’s Multimedia Card).
The information we supply on on this site is correct at the time of publishing. Weather you have a Nokia, Siemens, Panasonic or whatever symbian device you have we have the virus fixes for your virus afflictions here.
Search Our Articles on how best to remain virus free, and how to fix any infectections you may already have in you symbian device.
We have softwear links to UMU for the best antivirus softwear on the market, or we also list the manual methods of virus removal for most mobile viruses from Cabir, Dommed to CommWarrior and PBSteal plus everything inbetween.
We hope you find our site usefull and book mark us for future reference.....