Earlier versions of Cabir, which spreads through phones running the Symbian operating system and Bluetooth wireless technology, won attention this summer for being theto spread via smart phones. But they were quickly determined to be .
"These new Cabir variants fix a flaw that was slowing down original Cabir's spreading speed," F-Secure warned in a release Tuesday. "Cabir originally would only spread to one new phone per reboot (while) Cabir.H and Cabir.I can spread to an unlimited number of phones per reboot."
The sheer quantity of variants being detected now and their closeness to the original indicate that Cabir's secret sauce is no longer much of a secret, F-Secure warned.
"These new variants seem to be recompiled versions based on original Cabir source code," F-Secure said. "Which means that the Cabir source code is floating around in the underground. Which is bad news. We didn't know the sources were out there, and we've never seen them."
F-Secure said the latest variants had not been detected in the wild, and that Symbian users can protect themselves by turning off the phone's "discoverable" mode. The malicious software affects only Symbian OS-based phones running Nokia's Series 60 user interface, according to Symbian.