PRESS RELEASE

For release June 15, 2004

The first mobile worm Cabir proves a point, but causes no serious threat

Cabir, a Symbian OS worm discovered yesterday, has been confirmed to be the
first real mobile phone virus. Symbian OS is an open operating system, which
is used in data-enabled mobile phones of leading phone maunufacturers.

The Cabir worm runs in mobile phones that use the Symbian Series 60 user
interface platform. The worm is packed in a Symbian installation file (.sis)
and tries to spread further over Bluetooth. When installed in the phone, the
worm activates automatically and starts looking for new devices that use
Bluetooth. Once Bluetooth phones in discoverable mode are found, the worm
tries to replicate by sending itself to them. The worm activates, if the user
of the receiving phone chooses to accept and install the received file named
caribe.sis, which contains the worm.

Although the worm does not cause any immediate threat to phone users, it
clearly demonstrates the fact that technology to write viruses on mobile
devices already exists and is also known to virus writers.

"No incidents of Cabir spreading have been reported so far, but this worm is
nevertheless perfectly functional and able to spread if released in the
wild", Matias Impivaara, Business Manager, Mobile Security Services, at
F-Secure explains. "If a person with an infected phone was walking through a
city centre during the busiest afternoon jam, thousands of others could be
infected. Even when we tested this worm, we had to do it in the company's
bomb shelter in order to prevent the worm from connecting to other Bluetooth
phones and spreading", he continues.

Mobile malware incidents cause end user support load, terminal downtime,
negative customer experience, slow service adoption, and bad publicity. The
possibility of virus threats on mobile devices is increasing constantly when
more advanced handheld devices are introduced to the market. Also
unintentional harmful content and vulnerabilities in mobile devices are
causing more and more problems.

The emerging mobile virus threat calls for new measures from both the service
providers and users of mobile devices. Protection against harmful content
will be required on every terminal using an open operating system, but
smartphone users should not be troubled with security any more than is
absolutely necessary.

Operators, service providers and mobile device vendors are in the best
position to provide antivirus services for mobile phone users. Mobile phone
users themselves should be cautious about the threat and be careful not to
install any unknown applications.

The Symbian Series 60 version of F-Secure Mobile Anti-Virus detects the Cabir
worm and is able to delete the worm components.

F-Secure Mobile Anti-Virus is comprehensive solution for protecting mobile
terminals against harmful content. It provides real-time on-device protection
with automatic over-the-air antivirus updates through a patented SMS update
mechanism or HTTPS connections.

More information and screen shots of the worm installation and disinfection
are available at http://www.f-secure.com/v-descs/cabir.shtml and
http://www.f-secure.com/weblog/.