Russian antivirus firm Kaspersky Lab has identified what is apparently the first trojan horse application that specifically targets J2ME phones. RedBrowser is a Russian-language applet that purports to access WAP pages via SMS. RedBrowser actually sends several SMS messages to a premium number at a cost of about $5 each.
It is pretty easy to avoid this particular type of threat: Don't download and run software from untrusted sources. But RedBrowser may be a harbinger of things to come. As mobile devices become more popular, more sophisticated viruses, of course, will follow. But smartphones are an especially tempting target for malware because, as RedBrowser demonstrates, it is relatively easy to create programs that will generate money for the author of the malware. Virus writers were once motivated by two primary factors: a desire to prove themselves and their skills, and/or a grudge against someone or something. Today there is another factor at work: money. Windows computers are now frequently targeted by malware that makes their PC part of a botnet that can be used to extort money or commit other financial crimes. The owners of some of these botnets are rumored to have connections to organized crime.
My advice: don't panic. RedBrowser is not a true threat and, in fact, it is very unlikely that nasty software will affect a mobile device today. However, you should follow safe computing practices with your smartphone. This is problem that is likely to get a lot worse before it gets any better. - Eli
P.S. If you're going to be at GDC 2006 in San Jose, don't miss the FierceDeveloper networking party on Tuesday, March 21. We'll have a live band and free drinks. RSVP online!