Slashdot Mirror

← Back to Stories (view on slashdot.org)

HTC Android Phones Found With Malware Pre-Installed

Posted by Soulskill on from the saving-users-time-and-effort dept.

Trailrunner7 writes "Security researchers have found that Vodafone, one of the world's larger wireless providers, is distributing some HTC phones with malware pre-installed on them. The phone, HTC's Magic, runs the Google Android mobile operating system, and is one of the more popular handsets right now. A researcher at Panda Software received one of the handsets recently, and upon attaching it to her PC, found that the phone was pre-loaded with the Mariposa bot client. Mariposa has been in the news of late thanks to some arrests connected to the operation of the botnet."

14 of 158 comments (clear)

  1. It's not a bug by elrous0 · · Score: 4, Funny

    It's an undocumented feature!

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
    1. Re:It's not a bug by Monkeedude1212 · · Score: 4, Funny

      You think THATS bad - I got my HTC phone with Windows Mobile 6.1 Pre Installed!

  2. Technically, not installed... by TheRaven64 · · Score: 5, Informative

    The software in question was an autorun file, so it wasn't installed on the phone, it was just present on the phone's flash drive waiting to try to infect any OS stupid enough to automatically run programs from untrusted devices. It's not like the phone was running a botnet client and using up your data allowance sending spam, it was just a carrier.

    --
    I am TheRaven on Soylent News
    1. Re:Technically, not installed... by clone53421 · · Score: 5, Insightful

      That’s a good distinction to make.

      Of course I immediately assumed they didn’t really mean “installed”, since it’s a Windows virus and an Android OS...

      --
      Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
    2. Re:Technically, not installed... by 56 · · Score: 4, Insightful

      Either way, that's pretty crazy. I wonder if it's a case of a rogue employee putting it there, or if it somehow got installed unntentionally by Vodafone. Or maybe the phone was used, returned, and re-sold without having the micro sd card formatted.

    3. Re:Technically, not installed... by Manax · · Score: 5, Insightful

      That's just ridiculous. Did you even read the summary? This isn't about you installing a trojan on your phone, or about how open the platform is or isn't. It's about it COMING FROM THE CARRIER that way. This could have just as easily happened to an iPhone and had a mac or PC virus on it...

      --
      "Why should I be content to simply live in this world, when I, as a human being, can CREATE it?" - Oertel
    4. Re:Technically, not installed... by nicolas.kassis · · Score: 4, Informative

      Ok... go lookup the story about iPods loaded with trojans that got through QA. http://msmvps.com/blogs/spywaresucks/archive/2006/10/19/187622.aspx This has nothing to do with android/apple and everything to do with crappy manufacturing using infected windows PC that will infect any usb connected device.

    5. Re:Technically, not installed... by TubeSteak · · Score: 4, Insightful

      I can't seem to get the original panda research page to open, so here's the google cache
      http://74.125.113.132/search?q=cache:http://research.pandasecurity.com/vodafone-distributes-mariposa/

      It's funny how TFA treats "a researcher" and "one phone" as "some HTC phones".

      --
      [Fuck Beta]
      o0t!
  3. Easy way to stop this from happening by grahamsaa · · Score: 4, Insightful

    I'm personally getting fed up with companies that allow this to happen. If companies that distribute devices that come pre-loaded with malware were fined heavily for each instance, they'd likely hire a few good devs and QA people to ensure that this sort of thing doesn't happen again.

    There's absolutely no excuse for this. If you contract out development or manufacturing and that leads to this kind of security risk, there's still no excuse. Unfortunately as of right now there are few if any consequences associated with this type of negligence -- which means that companies aren't going to do much to improve their security practices.

    --
    Facts have a liberal bias.
  4. Please by oldhack · · Score: 5, Funny

    Linux is not a malware. Such smear tactic at slashdot must stop.

    --
    Fuck systemd. Fuck Redhat. Fuck Soylent, too. Wait, scratch the last one.
  5. You know Android has hit the big leagues by 0xdeadbeef · · Score: 5, Insightful

    When people are trying to slander it. They're blaming everyone under the sun, when the most likely vector is a store employee who simply plugged the device into a computer and copied the file to the flash drive.

  6. Re:Now THAT's Multitasking! by genghisjahn · · Score: 5, Funny

    Unfortunately, as an iPhone user, if I want to get malware my only option is to get it through the app store.

    --
    Sorry about the mess.
  7. Aha, it's an ad for Panda software by noidentity · · Score: 4, Insightful

    Following the linked article, and following that to the original post, we find that first off, it's a single phone, not more than one that had this malware, and we are informed of the software that detected this, coincidentally the commercial product the researchers are working on:

    The interesting thing is that when she plugged the phone to her PC via USB her Panda Cloud Antivirus went off, detecting both an autorun.inf and autorun.exe as malicious

    I'm rushing out today to buy this software that can do such feats as detecting this malware. They have a Linux version, right?

  8. C'mon slashdot. 1 phone, uncorroborated by beakerMeep · · Score: 4, Insightful

    Dont go the way of kdawson, soulskill.

    Next we'll be reading stuff like "My best friend's sister's boyfriend's brother's girlfriend heard from this guy who knows this kid who's going with the girl who saw Ferris pass out at 31 Flavors last night. I guess it's pretty serious. He might have Mariposa, or Confiker or something. Better get Ferris some AntiVirus software from PandaAV"

    --
    meep