MMS Security features

MMS Security features

FortiOS Carrier includes all the Security features of FortiOS with extra features specific to MMS carrier networks. This section includes:

  • Why scan MMS messages for viruses and malware?
  • MMS virus scanning
  • Sender notifications and logging
  • MMS content-based Antispam protection
  • MMS DLP archiving

 

Why scan MMS messages for viruses and malware?

The requirement for scanning MM1 content comes from the fact that MMS is an increasingly popular technique for propagating malware between mobile devices.

 

Example: COMMWARRIOR

This is a virus for Series 60 type cell phones, such as Nokia, operating Symbian OS version 6 [or higher]. The object of the virus is to spread to other phones using Bluetooth and MMS as transport avenues. The targets are selected from the contact list of the infected phone and also sought via Bluetooth searching for other Bluetooth- enabled devices (phones, printers, gaming devices etc.) in the proximity of the infected phone.

This virus is more than a proof of concept – it has proven successfully its ability to migrate from a zoo collection to being in-the-wild. Currently, this virus is being reported in over 18 different countries around Europe, Asia and North America.

When the virus first infects a cell phone, a prompt is displayed asking the recipient if they want to install “Caribe”. Symptoms of an infected phone may include rapid battery power loss due to constant efforts by the virus to spread to other phones via a Bluetooth seek-and-connect outreach.

The following variants among others are currently scanned by the FortiOS Carrier devices, in addition to more signatures that cover all known threats.

  • SymbOS/COMWAR.V10B!WORM
  • Aliases: SymbOS.Commwarrior.B, SymbOS/Commwar.B, SymbOS/Commwar.B!wm, SymbOS/Commwar.B-net, SymbOS/Commwarrior.b!sis, SymbOS/Comwar.B, SymbOS/Comwar.B!wm, SymbOS/Comwar.B-wm, SYMBOS_ COMWAR.B, SymbOS/Comwar.1.0.B!wormSYMBOS/COMWAR.V10B.SP!WORM [spanish version]
  • First Discovered In The Wild: July 04, 2007
  • Impact Level: 1
  • Virus Class: Worm
  • Virus Name Size: 23,320
  • SymbOS/Commwar.A!worm
  • Aliases: Commwarrior-A, SymbOS.Commwarrior.A [NAV], SymbOS/Commwar.A-net, SymbOS/Commwar_ezboot.A-ne, SymbOS/Comwar.A, SymbOS/Comwar.A-wm, SYMBOS_COMWAR.A [Trend]
  • First Discovered In The Wild: May 16 2005
  • Impact Level: 1
  • Virus Class: Worm
  • Virus Name Size: 27,936
  • SymbOS/Commwarriie.C-wm
  • Aliases: None
  • First Discovered In The Wild: Oct 17 2005
  • Impact Level: 1
  • Virus Class: File Virus
  • Virus Name Size: None

 

For the latest list of threats Fortinet devices detect, visit the FortiGuard Center.

This entry was posted in FortiOS 5.4 Handbook on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.