The First Crossover Virus

First, it was a rumor. It even caused a minor controversy. And finally it was confirmed. Ladies and gentlemen, a virus (specifically a worm) that can jump from a PC to a Windows handheld is now a reality.

On February 28, 2006, a relatively new organization named Mobile Antivirus Research Association (MARA) announced that it had in its possession a virus that can cross over from a PC to a Windows handheld (News.com). Contrary to the usual practice, wherein an antivirus company that has a copy of new malware shares it with those that don’t, MARA refused to share the code unless interested AV companies joined their organization (Security Focus).

And now, at least 3 major AV companies have published their descriptions of the crossover worm: Trend Micro’s WORM_CXOVER.A, Symantec’s MSIL.Cxover.A, and F-Secure’s Cxover.A.

The worm first checks the OS version. If it finds itself on a desktop computer, it searches for an open ActiveSync connection to a mobile device. Once it finds one, it copies itself to the mobile device. If it finds itself on the mobile device, it deletes all files and folders found in the My Documents folder.

A more detailed analysis can be found here.

Included in its code is a direct challenge to security experts and AV companies:

The great walls of China that separated the domains between wired and wireless, desktop and handhelds have been reduce to ruble. Vxers are entering a new era of greater vx possibilities with the chance of reaching more systems around the world than ever before. The viruses of the past are nothing compared to what the future holds. 2006 marks the establishment of a New Cyberworld Order with vxers around the world united at the forefront. The time is now to prepare and defend, are you ready?

Are we ready?