Duts shows viruses for Windows Mobile a reality

July 17, 2004

Kaspersky Labs has detected Duts, the first virus for Windows Mobile.

Kaspersky Lab, a leading information security software developer, has detected Duts, the first virus for Windows Mobile. This is one of the most popular platforms for mobile devices such as PDAs and smartphones.

'Duts is a proof-of-concept malicious program; it demonstrates that Windows Mobile is vulnerable to infection. Our tests show that the virus can propagate effectively in such an environment,' said Eugene Kaspersky, Head of Anti-Virus Research at Kaspersky Lab. 'However, we don't expect a major outbreak - Duts is unable to spread independently, only infects a limited number of files, and signals its presence in the system when attempting to propagate.'

Duts was created by Ratter, the pseudonym of a virus writer who is an active member of the international group 29a. The group is well known for its proof-of-concept viruses, including the recent Cabir, the first worm for Symbian OS.

Duts is a classic parasitic virus and is 1520 bytes in size. It can penetrate mobile devices via email or the Internet, through removable memory, via synchronization with a PC or using Bluetooth technology.

Once the infected file is launched, the following dialogue box will be displayed:

If the user clicks yes, Duts penetrates all executable files larger than 4KB located in My Device (the root directory). When infecting, the virus writes itself to the end of the file and modifies the entry point. An empty header field will then be flagged with the text 'atar' to prevent re-infection of already infected files. Duts does not appear to have any destructive payload.

'The events of the past month are really disturing. The computer underground has pounced on the new opportunities offered by mobile devices. And now malicious programs are evolving in yet another direction, bringing the first global outbreak caused by a mobile virus closer and closer.' added Eugene Kaspersky.

Kaspersky Lab' antivirus databases already contain detection and removal routines for Duts. Kaspersky® Anti-Virus for PDAs running Windows CE can be downloaded here.

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Duts shows viruses for Windows Mobile a reality

Duts shows viruses for Windows Mobile a reality

About Kaspersky

Related Articles Press Releases

Dangerous Loki backdoor discovered: Kaspersky experts identify agent in Russian company cyberattacks

DIY Ransomware: novice cybercriminals bigger threat thanks to off-the-shelf code

Kaspersky identifies new APT group targeting Russian government entities

SMB cyber infections rising amid resurgence of attacks leveraging Microsoft Excel, Kaspersky reports

Every third cyber incident was due to ransomware, Kaspersky reports

Global mobile banking malware grows 32 percent in 2023

Turkey, Russia, Southeast Asia and Latin America hit by Android threats, Kaspersky identifies

‘Coyote’ ugly: Kaspersky unveils banking trojan targeting over 60 institutions

New cross-platform threats uncovered by Kaspersky

Kaspersky reveals advanced tactics in cyber espionage campaigns using MATA toolset