CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
March 9th, 2010

Vodafone Shipped Malware Infected HTC Magic Smartphones

Vodafone has been blamed for shipping Mariposa botnet malware and other nasties on a HTC Magic Android smartphones it supplied.

The mobile phone giant’s Spanish arm supplied an HTC Magic smartphone preloaded with malware that attempted to establish a backdoor for stealing information on connected PCs during the synchronisation process. Vodafone acknowledged the problem but said that the incident was an isolated and local problem, which came to light because the customer affected works for Spanish anti-virus firm Panda Security.

The extra code was a strain of the Mariposa bot client that attempted to connect to systems not associated with the recent arrests of three suspected botmasters in Spain, according to an analysis of the attack by Panda Security researcher Pedro Bustamante.

“A quick analysis of the malware reveals that it is in fact a Mariposa bot client,” Bustamante explained. “This one, unlike the one announced last week which was run by Spanish hacker group ‘DDP Team’, is run by some guy named ‘tnls’ as the botnet-control mechanism shows.

“Once infected you can see the malware ‘phoning home’ to receive further instructions, probably to steal all of the user’s credentials and send them to the malware writer,” he added.

The same mobile phone was also infected by Confiker and a Lineage password-stealing code, according to Panda. The incident came to light because the infected phone was sold to one of Bustamante’s colleagues in Spain.

In a statement, Vodafone said the problem, which it is investigating, was isolated.

Vodafone takes the security and privacy of its customers extremely seriously and launched an immediate investigation into this incident

Following extensive Quality Assurance testing on HTC Magic handsets in several of our operating companies, early indications are that this was an isolated local incident

Vodafone keeps its security processes under constant review as new threats arise, and we will take all appropriate actions to safeguard our customers’ privacy.

Incidents where computing devices come preloaded with malware are far from unprecedented. Normally problems arise when computers used in manufacturing production lines are themselves infected.

Credit: The Register

Share this item with others:

More on CyberInsecure:
  • HTC Smartphones Vulnerable To Critical File Transfer Profile Security Flaw In Bluetooth
  • Rootkit-based Exploits Could Eavesdrop Smartphones
  • Olympus Dsitributed Cameras With Malware-Infected Cards In Japan
  • Asus Eee Box Mini PC Is Being Shipped With Virus
  • Webmail Vulnerability Compromised 40 Million Vodafone, Virgin, T-Mobile, and Telefonica Email Accounts

    • Posted in Botnets, Breaches And Incidents, Malware, Mobile, Software, Trojans & Worms | Print This Post Print This Post

    This entry was posted on Tuesday, March 9th, 2010 at 8:35 am and is filed under Botnets, Breaches And Incidents, Malware, Mobile, Software, Trojans & Worms. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Vodafone Shipped Malware Infected HTC Magic Smartphones

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »