Last February 27, news has it that a new malware was discovered which has the capability to cross infect a Windows PC and a Windows wireless pocket device.
This malware, codenamed “Crossover”, was reported to be submitted anonymously to the Mobile Antivirus Researchers Association (MARA). MARA itself has posted an advisory on its website (http://www.mobileav.org/), warning everyone of the impending threat.
As with any other fields of discipline, collaboration and corroboration are important. The antivirus industry is no different. In order to corroborate the cross-platform claim, the sample must be independently analysed by several researchers. Thus, antivirus vendors, including Trend Micro, tried to contact MARA in the hopes that they (MARA) will share the sample.
The players in the antivirus industry, for a long time now, have been sharing samples in order to update their respective products. This relationship, as Ivan Macalintal (RD-US) succinctly points out, is “based on trust relationships … and the common goal to do the common good.”
In stark contrast to the traditional practice, MARA, as stated in their website, requires requesting parties to submit a signed agreement before they will share the sample.
Apparently, nobody was willing to sign the agreement. This is evident in a PCWorld article, which reports that several antivirus vendors still does not have the “Crossover” sample.
As of the moment, we only have the word of MARA that a cross-platform virus does exist. But until the claim is independently verified, the claim will remain shrouded in mystery.