HTC Android Phones Found With Malware Pre-Installed - Slashdot

Slashdot

HTC Android Phones Found With Malware Pre-Installed 158

Posted by Soulskill on Tuesday March 09 2010, @12:45PM
from the saving-users-time-and-effort dept.

Trailrunner7 writes "Security researchers have found that Vodafone, one of the world's larger wireless providers, is distributing some HTC phones with malware pre-installed on them. The phone, HTC's Magic, runs the Google Android mobile operating system, and is one of the more popular handsets right now. A researcher at Panda Software received one of the handsets recently, and upon attaching it to her PC, found that the phone was pre-loaded with the Mariposa bot client. Mariposa has been in the news of late thanks to some arrests connected to the operation of the botnet."

This discussion has been archived. No new comments can be posted.

HTC Android Phones Found With Malware Pre-Installed

Search 158 Comments Log In/Create an Account

Comments Filter:

Technically, not installed... (Score:5, Informative)

by TheRaven64 (641858) writes: on Tuesday March 09 2010, @12:47PM (#31415446) Journal

The software in question was an autorun file, so it wasn't installed on the phone, it was just present on the phone's flash drive waiting to try to infect any OS stupid enough to automatically run programs from untrusted devices. It's not like the phone was running a botnet client and using up your data allowance sending spam, it was just a carrier.

Share
twitter facebook
Re:Technically, not installed... (Score:3, Informative)

by AndrewNeo (979708) writes: on Tuesday March 09 2010, @01:04PM (#31415682) Homepage

And if it's an autorun file, that means only XP and earlier, and very stupid users are vulnerable. Vista and 7 don't execute Autorun.exe by default.

Parent Share
twitter facebook
Re:Technically, not installed... (Score:4, Informative)

by clone53421 (1310749) writes: on Tuesday March 09 2010, @01:13PM (#31415818) Journal

Wrong [wikipedia.org], it was replaced with Autorun.inf, and Vista/7 do execute it if you choose to “Autoplay” the device. I believe the dialog will appear first to ask you what you want to do, but “Autoplay” is the top choice and is selected by default.

Parent Share
twitter facebook
Re:Technically, not installed... (Score:5, Informative)

by nicolas.kassis (875270) writes: on Tuesday March 09 2010, @01:21PM (#31415950)

Ok... go lookup the story about iPods loaded with trojans that got through QA. http://msmvps.com/blogs/spywaresucks/archive/2006/10/19/187622.aspx [msmvps.com] This has nothing to do with android/apple and everything to do with crappy manufacturing using infected windows PC that will infect any usb connected device.

Parent Share
twitter facebook
Re:Technically, not installed... (Score:3, Informative)

by clone53421 (1310749) writes: on Tuesday March 09 2010, @01:27PM (#31416050) Journal

No... it will autoplay if you give it permission to autoplay.
You don’t tell it to. It asks, and the default option is to allow it. All you have to do is click Ok.

Parent Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

439 commentsOperators: Nokia Would Sell Better With Android
366 commentsGoogle Earns $2 Per Handset; Apple, $575
331 commentsVerizon To Kill All Unlimited Data Plans
270 commentsFacebook Is Killing Text Messaging
214 commentsThe Digital Differences In Americans

"I just want to be a good engineer." -- Steve Wozniak, co-founder of Apple Computer, concluding his keynote speech at the 1988 AppleFest