While Vodaphone is calling this “an isolated incident”, they have apparently sold a phone that came pre-loaded with malware that would send personal information back to the malware creator when it was connected to a computer. It was infected with the Mariposa bot client, and also with the Confiker and Lineage password stealing viruses.
“The interesting thing is that when she plugged the phone to her PC via USB her Panda Cloud Antivirus went off, detecting both an autorun.inf and autorun.exe as malicious. A quick look into the phone quickly revealed it was infected and spreading the infection to any and all PCs that the phone would be plugged into.
A quick analysis of the malware reveals that it is in fact a Mariposa bot client. This one, unlike the one announced last week which was run by spanish hacker group “DDP Team”, is run by some guy named “tnls” as the botnet-control mechanism shows…”
You must take this article with a grain of salt though, because the source of the article was a Panda Security employee and it was first posted on a Panda Security Research Blog.
Vodaphone released the following statement:
“Vodafone takes the security and privacy of its customers extremely seriously and launched an immediate investigation into this incident
Following extensive Quality Assurance testing on HTC Magic handsets in several of our operating companies, early indications are that this was an isolated local incident
Vodafone keeps its security processes under constant review as new threats arise, and we will take all appropriate actions to safeguard our customers’ privacy.”
Source: Phandroid (Thanks for the tip Mordy)
© 2010, mindfrost82. All rights reserved.