Slashdot Mirror

← Back to Stories (view on slashdot.org)

Memory Cards of 3,000 Phones Infected By Malware

Posted by kdawson on from the speak-clearly-so-the-botnet-can-hear dept.

itwbennett sends us a few links from IT World tracing a story about infected microSD cards in Vodaphone-supplied mobile phones. "The original report came on March 8 after an employee of Panda Security plugged a newly ordered HTC Magic phone from Vodafone into a Windows computer, where it triggered an alert from the antivirus software. Further inspection of the phone found the device's 8GB microSD memory card was infected with a client for the now-defunct Mariposa botnet, the Conficker worm, and a password stealer for the Lineage game. At that point it was at thought to be an issue with a specific refurbished phone. On Wednesday another phone surfaced with traces of the Mariposa botnet. And now Vodafone is saying that as many as 3,000 HTC Magic phones may be affected."

8 of 63 comments (clear)

  1. Re:Smart phones? by Jeng · · Score: 4, Insightful

    I don't know, but I bet it begins with social networking applications.

    Probably the best way to hide a bot-net on a phone.

    --
    Don't know something? Look it up. Still don't know? Then ask.
  2. 3,000 sounds like an arbitrary number by grahamsaa · · Score: 4, Insightful

    How do they know it's not 2,000 or 10,000. Hell, earlier this week it was an "isolated incident."

    --
    Facts have a liberal bias.
    1. Re:3,000 sounds like an arbitrary number by Zerth · · Score: 2, Insightful

      Perhaps they run them in batches of 3000 and the skid before and the skid after were clean?

  3. Re:It's a Windows malware, right? by OrwellianLurker · · Score: 2, Insightful

    From TFA: With the first phone, the Mariposa botnet code automatically ran and attempted to infect a computer. Mariposa was at one time one of the largest botnets, but security researchers were able to shut it down in December after disabling its command-and-control servers

    It's a Windows malware, right? So a "Windows" computer connect to the phones sdcard and attempts to autorun whatever on it. I don't see how the malware can somehow activated and affect Android Linux O/S running on ARM chip inside a user-mode VM. Do botnets have legs now?

    It's irrelevant what operating system the malware operates on. The fact that malware came pre-loaded is troubling.

    --
    'Political power grows out of the barrel of a gun.' - Mao Tse-tung
  4. Re:iPhone pwnz by wprowe · · Score: 2, Insightful

    Since the walled garden (iPhone) doesn't have an SD card slot, we would not be affected. So the walled garden does protect us.

  5. quality control by jmnormand · · Score: 2, Insightful

    and this is what happens when you buy from the lowest bidder in china.

  6. Re:what s the safest cellphones? by Tikkun · · Score: 3, Insightful

    You want the Jitterbug.

  7. Re:Probably incidental by Belial6 · · Score: 2, Insightful

    No, it SHOULD be SOP. It should be trivial, but I haven't been in a single business where it actually was SOP. I'm not saying that there are not businesses that do it right, but you don't get to look like a hero fixing computer problems if there are no computer problems to fix.