Slashdot Mirror
HTC Android Phones Found With Malware Pre-Installed
Trailrunner7 writes "Security researchers have found that Vodafone, one of the world's larger wireless providers, is distributing some HTC phones with malware pre-installed on them. The phone, HTC's Magic, runs the Google Android mobile operating system, and is one of the more popular handsets right now. A researcher at Panda Software received one of the handsets recently, and upon attaching it to her PC, found that the phone was pre-loaded with the Mariposa bot client. Mariposa has been in the news of late thanks to some arrests connected to the operation of the botnet."
I'm personally getting fed up with companies that allow this to happen. If companies that distribute devices that come pre-loaded with malware were fined heavily for each instance, they'd likely hire a few good devs and QA people to ensure that this sort of thing doesn't happen again.
There's absolutely no excuse for this. If you contract out development or manufacturing and that leads to this kind of security risk, there's still no excuse. Unfortunately as of right now there are few if any consequences associated with this type of negligence -- which means that companies aren't going to do much to improve their security practices.
Facts have a liberal bias.
That’s a good distinction to make.
Of course I immediately assumed they didn’t really mean “installed”, since it’s a Windows virus and an Android OS...
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
Either way, that's pretty crazy. I wonder if it's a case of a rogue employee putting it there, or if it somehow got installed unntentionally by Vodafone. Or maybe the phone was used, returned, and re-sold without having the micro sd card formatted.
When people are trying to slander it. They're blaming everyone under the sun, when the most likely vector is a store employee who simply plugged the device into a computer and copied the file to the flash drive.
"untrusted devices"
Its not like this phone was bought on e-bay or some back ally. This is straight from the manufacture.
It baffles me that products get through QA and carry viruses, Trojans or other malware, I mean come on.
It's not really straight from the manufacturer is it?
I'm not sure about how Vodafone works, but most carriers around here love to brand their phones. The issue it self seems to be isolated to just the Vodafone models so could it be part of the branding they do with the phones?
That's just ridiculous. Did you even read the summary? This isn't about you installing a trojan on your phone, or about how open the platform is or isn't. It's about it COMING FROM THE CARRIER that way. This could have just as easily happened to an iPhone and had a mac or PC virus on it...
"Why should I be content to simply live in this world, when I, as a human being, can CREATE it?" - Oertel
This malware makes you post a bullshit link to your travel site that nobody cares about. Looks like you're infected.
From what you said, several things are glaringly obvious about your set-up.
No antivirus.
You probably didn’t disable autoruns.
Most importantly, UNPATCHED NETWORKED WINDOWS MACHINES. Your firewall is NOT enough to protect them.
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
I can't seem to get the original panda research page to open, so here's the google cache
http://74.125.113.132/search?q=cache:http://research.pandasecurity.com/vodafone-distributes-mariposa/
It's funny how TFA treats "a researcher" and "one phone" as "some HTC phones".
[Fuck Beta]
o0t!
Following the linked article, and following that to the original post, we find that first off, it's a single phone, not more than one that had this malware, and we are informed of the software that detected this, coincidentally the commercial product the researchers are working on:
I'm rushing out today to buy this software that can do such feats as detecting this malware. They have a Linux version, right?
I agree it has nothing to do with Android, but that case had most certainly something to do with Apple. They use those crappy manufacturing facilities to save a few bucks and then save even more by not doing proper QA.
And before you claim how innocent and harmless this is, consider what is happening to Toyota. Or the numerous quality issues with products from China and god knows how many more places. In order to maximize profits (because you can't claim cost savings are passed onto to the consumer with Apple products) they cut corners everywhere and sooner or later something has to give.
And long after guy who got the bonus for cutting costs has left, the shit starts to happen. Toyota used to be the largest and fast growing, with the economy not affecting it nearly as much as the other car makers. Now it can't shift its cars. And the money for huge cash injections has already been spent. This might end up hurting Toyota, and for what? A few cents more to the stock holders.
It will be interesting to find out how this phone got its extra payload, but ultimately the story will be, lack of quality control. And someday your life may depend on cut rate QA.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
Dont go the way of kdawson, soulskill.
Next we'll be reading stuff like "My best friend's sister's boyfriend's brother's girlfriend heard from this guy who knows this kid who's going with the girl who saw Ferris pass out at 31 Flavors last night. I guess it's pretty serious. He might have Mariposa, or Confiker or something. Better get Ferris some AntiVirus software from PandaAV"
meep
Or maybe the "colleague" already had these viruses and they hopped over to the USB? Or maybe Panda just made it all up? Kinda hard to say when it's a single phone. But time to get out the pitchforks regardless! I like pitchforks.
meep
First of all, please learn the difference between <strong> and <a href="">. One is bold, the other is a reference.
Secondly, the “default” choice is still to execute the autorun. You just have to click Ok before it will perform the default action. I never said it autoruns without any prompting whatsoever; it prompts, and the default (highlighted) option is to autorun.
It’s no different from installers that bundle the Google toolbar and the install option is checked by default. It’s no different from online forms where the “sign me up for your mailing list” option is checked by default.
Yes, the user can manually override it, but they must have a reason to know that the “default” option is unwise. “Install the Google toolbar” is descriptive of what will happen. “Keep me informed of future products and special purchases” is descriptive of what will happen. “Autoplay” is not descriptive of what will happen in this case, because users expect a new hardware device to install itself when you plug it in and autoplay it. Installing malware is not something they’d expect.
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.