Vodaphone HTC ships with Malware
Thread Starter
Needs more Lemon Pledge
Joined: Mar 2005
Posts: 52,768
Likes: 2,000
From: Phoenix, AZ
Vodaphone HTC ships with Malware
http://www.esecurityplanet.com/featu...61/article.htm
Researchers at antivirus software vendor Panda Security are used to finding malicious code in every nook and cranny of the Internet. But this week they stumbled across something even more concerning: a colleague's new Vodafone HTC Magic smartphone was shipped with a motley assortment of malware samples, including the potent Mariposa botnet.
When the phone, which runs on the Android operating system, was plugged into a Windows PC via the USB port, the Panda Cloud Antivirus software "went off," detecting both an autorun.inf and autorun.exe as malicious.
"A quick look into the phone revealed it was infected and spreading the infection to any and all PCs that the phone would be plugged into," Pedro Bustamante, a senior research advisor at Panda Security, said in a blog posting.
Once the PC was infected, the malware began "phoning home" to receive further instructions, probably to steal all of the user's credentials and send them to the malware writer.
Mariposa, one of the largest and most destructive botnets in history, wasn't the only malware found on the smartphone.
"There's also a Confiker and a Lineage password stealing malware," Bustamante said.
Vodafone and HTC officials were not immediately available for comment.
While most consumers by now are aware of the malicious landmines littered throughout cyberspace, finding malware in devices or in software used to run devices is a fairly new but growing trend.
Related Articles
Earlier this week, the United States Computer Emergency Readiness Team (CERT) warned consumers that downloadable software commonly used with the Energizer DUO USB battery charger contains a Trojan that hackers can exploit to commandeer Windows-based PCs.
In that case, an installer for the Energizer DUO software, which lets users view the battery's charging status, placed the file UsbCharger.dll in the application's directory and Arucer.dll in the Windows system32 directory, creating a backdoor for hackers to list directories, execute programs and send and receive files.
Similar instances of device-infected malware were discovered in the past few years on everything from new Windows netbooks and Samsung digital photo frames to HP USB sticks and TomTom navigation guides.
Larry Barrett is a senior editor at InternetNews.com, the news service of Internet.com, the network for technology professionals.
When the phone, which runs on the Android operating system, was plugged into a Windows PC via the USB port, the Panda Cloud Antivirus software "went off," detecting both an autorun.inf and autorun.exe as malicious.
"A quick look into the phone revealed it was infected and spreading the infection to any and all PCs that the phone would be plugged into," Pedro Bustamante, a senior research advisor at Panda Security, said in a blog posting.
Once the PC was infected, the malware began "phoning home" to receive further instructions, probably to steal all of the user's credentials and send them to the malware writer.
Mariposa, one of the largest and most destructive botnets in history, wasn't the only malware found on the smartphone.
"There's also a Confiker and a Lineage password stealing malware," Bustamante said.
Vodafone and HTC officials were not immediately available for comment.
While most consumers by now are aware of the malicious landmines littered throughout cyberspace, finding malware in devices or in software used to run devices is a fairly new but growing trend.
Related Articles
Earlier this week, the United States Computer Emergency Readiness Team (CERT) warned consumers that downloadable software commonly used with the Energizer DUO USB battery charger contains a Trojan that hackers can exploit to commandeer Windows-based PCs.
In that case, an installer for the Energizer DUO software, which lets users view the battery's charging status, placed the file UsbCharger.dll in the application's directory and Arucer.dll in the Windows system32 directory, creating a backdoor for hackers to list directories, execute programs and send and receive files.
Similar instances of device-infected malware were discovered in the past few years on everything from new Windows netbooks and Samsung digital photo frames to HP USB sticks and TomTom navigation guides.
Larry Barrett is a senior editor at InternetNews.com, the news service of Internet.com, the network for technology professionals.
Thread
Thread Starter
Forum
Replies
Last Post
GWEEDOspeedo
Car Parts for Sale
4
Jan 15, 2016 10:39 PM
ExcelerateRep
4G TL Performance Parts & Modifications
8
Oct 14, 2015 08:20 AM
Hines57
Car Parts for Sale
0
Sep 24, 2015 01:58 PM