Slashdot Mirror

← Back to Stories (view on slashdot.org)

Memory Cards of 3,000 Phones Infected By Malware

Posted by kdawson on from the speak-clearly-so-the-botnet-can-hear dept.

itwbennett sends us a few links from IT World tracing a story about infected microSD cards in Vodaphone-supplied mobile phones. "The original report came on March 8 after an employee of Panda Security plugged a newly ordered HTC Magic phone from Vodafone into a Windows computer, where it triggered an alert from the antivirus software. Further inspection of the phone found the device's 8GB microSD memory card was infected with a client for the now-defunct Mariposa botnet, the Conficker worm, and a password stealer for the Lineage game. At that point it was at thought to be an issue with a specific refurbished phone. On Wednesday another phone surfaced with traces of the Mariposa botnet. And now Vodafone is saying that as many as 3,000 HTC Magic phones may be affected."

22 of 63 comments (clear)

  1. Re:iPhone pwnz by quantumplacet · · Score: 5, Informative

    this wasn't software downloaded from the internet for the phone, it appears the card was infected before it was put into the phone. the code wouldn't even execute on the phone, only if you plugged the phone into your computer and mounted the sd card. thus the walled garden wouldn't protect you and is completely unrelated.

  2. Smart phones? by Wowsers · · Score: 4, Interesting

    How long before dedicated code will be found to use smart mobiles for some kind of bot-nets?

    --
    Take Nobody's Word For It.
    1. Re:Smart phones? by Jeng · · Score: 4, Insightful

      I don't know, but I bet it begins with social networking applications.

      Probably the best way to hide a bot-net on a phone.

      --
      Don't know something? Look it up. Still don't know? Then ask.
  3. Honest Question by DIplomatic · · Score: 3, Interesting

    Is stuff like this malicious? Like someone at the memory card plant put the virus executables on the hardware? Or is it just a case of the worker having an infected computer, which then infected the memory cards?

  4. 3,000 sounds like an arbitrary number by grahamsaa · · Score: 4, Insightful

    How do they know it's not 2,000 or 10,000. Hell, earlier this week it was an "isolated incident."

    --
    Facts have a liberal bias.
    1. Re:3,000 sounds like an arbitrary number by Zerth · · Score: 2, Insightful

      Perhaps they run them in batches of 3000 and the skid before and the skid after were clean?

    2. Re:3,000 sounds like an arbitrary number by BlueBoxSW.com · · Score: 2, Funny

      When you take the number of HTC Magic phones that shipped, and subtract the number that were returned, you get 3,000.

      OK, that was mean. I've gotta get outside.

    3. Re:3,000 sounds like an arbitrary number by WhatAmIDoingHere · · Score: 2, Informative

      Windows 95:
      "Official system requirements were an Intel 80386 DX CPU of any speed, 4 MB of system RAM, and 120 MB of hard drive space."

      --
      Not a Twitter sockpuppet... but I wish I was.
    4. Re:3,000 sounds like an arbitrary number by commodore64_love · · Score: 2, Informative

      "This configuration was distinctly suboptimal for any productive use..... if any networking or similar components were installed the system would refuse to boot with 4 megabytes of RAM. To achieve optimal performance, Microsoft recommends an Intel 80486 or compatible microprocessor with at least 8 MB of RAM."

      Apparently even back then Microsoft was taking the ACTUAL requirements, and dividing them in half, like when they claimed Vista would work on 1/2 gig of RAM when it clearly could not.

      --
      "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
  5. Re:Cleary the worst example of pre-installed softw by dave562 · · Score: 2, Interesting

    Why would an SD card come anywhere near a PC during the manufacturing process? Aren't they fabricated in large batches, not unlike RAM or CPUs? The only part of the process that I would think might involve a PC would be the formating at the end. Yet it seems like they'd have a dedicated hardware device that formats multiple chips at a time.

  6. Re:Cleary the worst example of pre-installed softw by fuzzyfuzzyfungus · · Score: 2, Interesting

    I would strongly suspect that(for reasons of economics) the "dedicated hardware device" that formats multiple chips at the same time is based on a commodity PC, probably running XP, running some hacked-together program for doing the formatting and testing.

    The only real question is whether the hardware interface between the commodity PC components and the large number of SD cards is something fairly custom, or basically just a whole lot of USB SD card readers mounted in some sort of frame. A specialized interface could probably be quite useful in a heavily automated situation, particularly if it consisted of some sort of contact array that could connect to an entire tray of cards in one robotic motion; but if you are using human labor for this step, the ability to build a large array of ports for under $10/port, easily swapping out any whose contacts wear out, is probably pretty attractive.

  7. The real question is by rolfwind · · Score: 2, Funny

    Does Apple have a patent on this already?

  8. Lineage by Chees0rz · · Score: 2, Funny
    Can I just say it's amazing that Lineage is still popular enough in Asian countries that people are stealing passwords for it like this. If only it held on in the US... that game gave me so many lovely hours of punching ents.

    No bark... no fruit!

  9. Re:It's a Windows malware, right? by OrwellianLurker · · Score: 2, Insightful

    From TFA: With the first phone, the Mariposa botnet code automatically ran and attempted to infect a computer. Mariposa was at one time one of the largest botnets, but security researchers were able to shut it down in December after disabling its command-and-control servers

    It's a Windows malware, right? So a "Windows" computer connect to the phones sdcard and attempts to autorun whatever on it. I don't see how the malware can somehow activated and affect Android Linux O/S running on ARM chip inside a user-mode VM. Do botnets have legs now?

    It's irrelevant what operating system the malware operates on. The fact that malware came pre-loaded is troubling.

    --
    'Political power grows out of the barrel of a gun.' - Mao Tse-tung
  10. Probably incidental by mbessey · · Score: 5, Interesting

    In the one case I'm familiar with, which was at another company, the infection was traced to a single PC on the production floor that was just *packed* with malware. Apparently, it had been re-purposed from somebody's desk to the QA station when production capacity was expanded.

    This was at a reputable, top-tier contract manufacturing company.

    1. Re:Probably incidental by Belial6 · · Score: 2, Insightful

      No, it SHOULD be SOP. It should be trivial, but I haven't been in a single business where it actually was SOP. I'm not saying that there are not businesses that do it right, but you don't get to look like a hero fixing computer problems if there are no computer problems to fix.

  11. Re:iPhone pwnz by wprowe · · Score: 2, Insightful

    Since the walled garden (iPhone) doesn't have an SD card slot, we would not be affected. So the walled garden does protect us.

  12. quality control by jmnormand · · Score: 2, Insightful

    and this is what happens when you buy from the lowest bidder in china.

  13. Re:Whew! Glad I Use Windows Mobile by commodore64_love · · Score: 2, Funny

    Glad I use Virgin Mobile!

    Like Amiga nobody's ever heard of it... not even virus writers.

    --
    "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
  14. Re:what s the safest cellphones? by Tikkun · · Score: 3, Insightful

    You want the Jitterbug.

  15. Re:what s the safest cellphones? by plover · · Score: 2, Interesting

    I just want a cellphone that allows, well, you know, to call people.

    What would be the simplest, easiest, cellphone with the least functionality (no bluetooth, no Java, no appstore, no memory card) that would fit me?

    You know, one with ten numbers and a "call" and a "hang up" button?

    You say you want "simplest and easiest". Think deeply about what you're trying to do. Do you actually want to talk to a "number", or do you really intend to talk to a specific person? This is a real question, and not intended to be a smart-assed comment.

    Most people assume a simple phone is one that dials numbers, but that's because we've been trained by 80 years of technological limits that have forced us to abstract human conversations behind strings of digits. With new phones that have contact lists, you don't need the numbers other than for initial input into the machine. You set the number once (or save it if they call you first) and never dial the digits again.

    That leads directly to a repeat of the first question: do you want to hunt through a contact list, or do you still just want to talk to someone? Again, we've been trained by the limits of our recent cell phone technology to accept 2=ABC, 3=DEF, etc. But that sucks for searching. Arrow-up and arrow-down are frustrating for average numbers of contacts, and the experience gets worse the more people you know.

    If you honestly want to just talk to someone, you should really be asking for a phone with voice recognition dialing. Motorola, Nokia, Apple, Sony Ericsson all have phones that can voice dial without training based on the names you've entered in the contact list, and I'm sure there are many others out there. Pushing the "call" button and saying "Call John Smith" is about as simple and easy and clear and direct as it gets. You should look into that, rather than constraining your requirements with limits that no longer need to exist.

    --
    John
  16. Similiar Experience by boliboboli · · Score: 3, Informative

    I purchased a digital picture frame made by Insignia in 2008. When Plugged into my PC my AV(Nod32 Eset) found two files it listed as viruses. After removing them, the picture frame worked fine.

    About a month later Insignia sent a letter explaining there may have been viruses on the internal memory of the frame.I think this happens quite a bit.