Vodafone HTC Magic found to be carrying virus out of the box

[ilev]

It appears that just because something is factory sealed doesn’t necessarily insure that it is free of viruses.

An employee at Panda Research, a maker of anti-virus software, reportedly discovered some malware on her brand new HTC Magic phone from Vodafone according to a post on the corporate blog. Apparently the employee’s antivirus software set off an alarm when she plugged the brand new phone into her work computer, and she was alerted to the presence of a botnet mariposa piece of software, as well as Confiker and a Lineage password stealing malware.

The problem was isolated down to the included microSD memory card, and confirmed it was not the phone itself, nor the Android operating system that was responsible.

The company is planning to purchase more of the phones to see if this was an isolated incident or to see if it is perhaps a problem with a shipment of memory cards Vodafone received.

http://research.pandasecurity.com/vodafone-distributes-mariposa/

[The Teej]

Holy ****, that's crazy.

[Billus]

The title is a little misleading, don't ya think?

[ilev]

The title is a little misleading, don't ya think?

The original title on Panda's blog says : Vodafone distributes Mariposa botnet :-)

Here is yet another example of a company distributing malware to its userbase. Unfortunately it probably won’t be the last

[ilev]

Vodafone distributes Mariposa ? Part 2 : http://research.pandasecurity.com/vodafone-distributes-mariposa-part-2/

It seems that my original post Vodafone distributes Mariposa botnet caught a lot of attention. It was very interesting to see the reactions from the different actors. On the one hand Vodafone called it an isolated incident, deleted all posts on their forum from users asking about the incident, and then two days later announced the end of life of the HTC Magic. On the other hand reactions from users all over the blogosphere ranged from applause for uncovering this to accusing us of making it up, along with the inevitable and always amusing Android vs. iPhone fanboy quarrels.

However it also caught the attention of an employee of a different IT security company here in Spain, S21Sec, which specializes in researching banking trojans & vulnerabilities. This guy had also purchased an HTC Magic direct from Vodafone?s official website the same week as my co-worker. He hadn?t connected the phone to his PC yet, but as soon as he saw the news hurried back home, plugged it in via USB and scanned its memory card with both MalwareBytes and AVG Free. Lo and behold, Mariposa emerged again, exactly in the same way as in our original finding.