When Panda Security found malware on a brand new Android-based Vodafone HTC Magic earlier this month, Vodafone said it was an "isolated local incident." Now, a second phone has been found harboring malware, including a program that turns infected machines into zombies as part of the Mariposa credit card and bank log-in-stealing botnet, according to Spain-based PandaLabs.
After hearing about PandaLabs' discovery, an employee at another Spanish security company, S21Sec, checked his recently-acquired HTC Magic and found the Mariposa malware lurking on it, according to a PandaLabs blog post on Wednesday.
"This guy had also purchased an HTC Magic direct from Vodafone's official Web site the same week as my co-worker," writes Pedro Bustamante of PandaLabs. "He hadn't connected the phone to his PC yet, but as soon as he saw the news hurried back home, plugged it in via USB, and scanned its memory card with both MalwareBytes and AVG Free. Lo and behold, Mariposa emerged again, exactly in the same way as in our original finding."
PandaLabs connected the S21Sec employee's microSD card to his PC and found that the smartphone was loaded with the malware on March 1, more than a week before he had received the phone from Vodafone.
"This Mariposa botnet client is also loaded in the same hidden NADFOLDER directory. It is also named as AUTORUN.EXE and will automatically run when connected into a Windows machine unless you have autorun disabled (download USB Vaccine to disable autorun if you haven't done so yet)," the PandaLabs blog item says.
img: http://i212.photobucket.com/albums/cc94/Dl4All/
Recent comments
14 weeks 3 days ago
14 weeks 4 days ago
14 weeks 5 days ago
14 weeks 5 days ago
14 weeks 5 days ago
14 weeks 6 days ago
18 weeks 14 hours ago
19 weeks 2 days ago
21 weeks 4 days ago
21 weeks 6 days ago