Malware infected memory cards of 3,000 Vodafone mobiles

The company is now investigating how the malware programs ended up on the phones

Malware-tainted memory cards may have ended up on as many as 3,000 HTC Magic phones, a greater number than first suspected, Vodafone said Friday.

The problem came to light earlier this month after an employee of Panda Security plugged a newly ordered phone into a Windows computer, where it triggered an alert from the antivirus software.

Further inspection of the phone found the device's 8GB microSD memory card was infected with a client for the now-defunct Mariposa botnet, the Conficker worm and a password stealer for the Lineage game.

Vodafone said then it was an isolated incident, but an employee at Spanish security company S21sec discovered another phone with an infected card, which it sent to Panda. That phone was purchased directly from Vodafone's Web site in the same week as the first phone, according to Panda.

It is unclear how the batch of memory cards became infected although an investigation is under way, said a spokesman for Vodafone in Spain. There are no problems with either the HTC Magic phone or its Android OS. The malware only affected phones sold in Spain.

Vodafone will send a letter along with a new memory card to affected customers, the spokesman said. The letter will contain instructions for how customers can give their PCs free antivirus scans on Panda's Web site, which partners with Vodafone. He said Vodafone will give security software to people whose computers have become infected as a result of plugging in an infected HTC phone.

With the first phone, the Mariposa botnet code automatically ran and attempted to infect a computer. Mariposa was at one time one of the largest botnets, but security researchers were able to shut it down in December after disabling its command-and-control servers.

Conficker is a worm that still infects millions of machines worldwide, but its autorun capability may have been disabled by Mariposa, Panda said. The password-stealing program would not run unless someone double clicked the file.

More about: HTC, Mariposa, mobiles, Panda, Panda Security, Vodafone
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the TechWorld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: htc, microSD, security, Vodafone
Whitepapers
All whitepapers

Recent comments

- + c

Twitter Feed

  • rohan_p RT @Techworld_AU: Gear and gadgets at @CeBITAUS 2012, Sydney http://t.co/J1Sch1sX #cebit2012
    23 hours, 56 minutes
  • Techworld_AU Gear and gadgets at @CeBITAUS 2012, Sydney http://t.co/J1Sch1sX #cebit2012
    1 day
  • HamishBarwick CeBIT 2012: Will NBN speed up freight delivery times? http://t.co/gaZyjOlH #cw #cio #tw #CeBIT2012 #nbn
    1 day, 19 hours
  • HamishBarwick CeBIT 2012: NAB calls for mobile app security overhaul http://t.co/3Z3ZPUPq #cw #cio #tw #CeBIT2012 #infosec
    1 day, 23 hours
  • rohan_p RT @Techworld_AU: BigPond Games Arena, Games Shop hit by hackers http://t.co/OXNPeDfL #bigpond #infosec #security
    2 days, 1 hour

Whitepapers

- + c

Latest News

- + c
more