So there I was, heading back to shore in a banca after fishing in rough Pacific waters, tinkering with my new Nokia 7610 that had just rang a message alert. At least I know now that Globe has good signal even that far off. As waves rocked the boat, I hurriedly was deleting the MMS when I scrolled to the wrong menu item and opened it by mistake. Another boo-boo followed when I pressed the wrong command, "yes" instead of "no", and accidentally installed the Trojan on my phone memory. I searched for the MMS again and deleted it correctly this time, or so I thought.
By nightfall and all through the next morning, a warning kept flashing on the screen: "Message not sent". Too, the MMS kept reappearing in my Inbox, and I kept deleting it. About noon, a female friend from La Union texted: "You just sent me an MMS entitled ‘FreeSex’; it’s a cellphone virus, in the news only last Friday night; millions infected."
Only then did it dawn on me: a worm was crawling through my directory, sending the same pesky MMS to everyone in my Contacts list. Those whose GPRS modes were on had received it. I thought of the bishops, nuns and priests in my directory, wondering what they thought of my "FreeSex" enticements. Was that why Fr. Melo of Cebu kept wishing me a Happy Pentecost last Sunday, his way perhaps of saying "repent, the end is near"? To those whom I inconvenienced with my virus spreading, my apologies. To those who are not GPRS-capable, you didn’t miss anything, thank God.
It was a costly mistake. Every MMS the CommWarrior virus sent out cost me P5 if the recipient was in country, P20 if overseas. Fortunately the phone was still under warranty, and the Nokia service shop on Morato Avenue, Quezon City, offered to delete the Trojan for free. Unfortunately, only the contacts and photo/video items in the Gallery were retained, all other settings and software installations were erased.
CommWarrior, according to The Register and Itchy Hands Internet sites, is the first virus known to spread by MMS. Unlike Cabir, which jumps from one mobile phone to another via Bluetooth, thereby infecting only nearby units, CommWarrior is capable of multiplying itself within hours by sending to contacts around the world. Discovered in March, the worm is believed by Finnish anti-virus firm F-Secure to be of Russian origin. This, because of the text it contains that says, "OTMOP03KAM HET," roughly translated as "No to braindeads."
CommWarrior attacks only Symbian Series 60 phones and has to be accepted and downloaded by the recipient before the Trojan launches itself – like I carelessly did. There was a long line of virus victims at the Nokia service shop last Monday, and most said they thoughtlessly opened the MMS with CommWarrior, against their better judgment, because the senders were close friends or relatives. Itchy Hands warns that the Trojan uses more than 20 different messages to try to lure users into opening its file, including text designed to look like legitimate software updates from Symbian, or even pornographic photographs. This makes me all the more embarrassed what images, if any, my "FreeSex" messages must have displayed. Again, my apologies, Bishop, Mother Superior, Father.
The Register and Itchy Hands did not say if CommWarrior can ruin a phone. I asked the other victims at the Nokia shop if their units were still working. All said yes, aside from pesky warnings about unsent messages and corrupted files. Disinfecting took two hours because there were so many of us. Too, the Nokia service staff was inefficient and sloppy. I had given specific instructions that they disinfect both the phone and the memory card. Only when I returned hours later and asked if they checked both did they remember to disinfect the latter. And then I had to bring the unit back the next day because the CommWarrior was still listed in the "Applications Manager", a log of installed items.
If your phone ever gets "virused" or suspect it did, immediately turn off your GPRS mode. This will prevent it from sending the same worm to your Contacts entries. Otherwise, your bill could balloon.
To make sure if you happened to have installed a virus, scroll to "Tools" and open "Applications Manager". It will display a list of installed software, and the virus name will be there too.
F-Secure offers disinfectants for CommWarrior and its variants. Click to www.f-secure.com/v-descs/commwarrior.shtml for instructions. You can either install the cleaning file via Bluetooth or download F-Secure Mobile Anti-Virus directly to your phone.
To lessen the chances of virus infection, turn on your GPRS and Bluetooth modes only when needed.