
HTC Android Phones Found With Malware Pre-Installed

Trailrunner7 writes "Security researchers have found that Vodafone, one of the world's larger wireless providers, is distributing some HTC phones with malware pre-installed on them. The phone, HTC's Magic, runs the Google Android mobile operating system, and is one of the more popular handsets right now. A researcher at Panda Software received one of the handsets recently, and upon attaching it to her PC, found that the phone was pre-loaded with the Mariposa bot client. Mariposa has been in the news of late thanks to some arrests connected to the operation of the botnet."
  • by grahamsaa ( 1287732 ) on Tuesday March 09, 2010 @12:54PM (#31415532)
    I'm personally getting fed up with companies that allow this to happen. If companies that distribute devices that come pre-loaded with malware were fined heavily for each instance, they'd likely hire a few good devs and QA people to ensure that this sort of thing doesn't happen again.

    There's absolutely no excuse for this. If you contract out development or manufacturing and that leads to this kind of security risk, there's still no excuse. Unfortunately as of right now there are few if any consequences associated with this type of negligence -- which means that companies aren't going to do much to improve their security practices.
  • by clone53421 ( 1310749 ) on Tuesday March 09, 2010 @12:54PM (#31415536) Journal

    That’s a good distinction to make.

    Of course I immediately assumed they didn’t really mean “installed”, since it’s a Windows virus and an Android OS...

  • by 56 ( 527333 ) on Tuesday March 09, 2010 @12:55PM (#31415562)
    Either way, that's pretty crazy. I wonder if it's a case of a rogue employee putting it there, or if it somehow got installed unintentionally by Vodafone. Or maybe the phone was used, returned, and re-sold without having the micro sd card formatted.
  • by 0xdeadbeef ( 28836 ) on Tuesday March 09, 2010 @12:55PM (#31415566) Homepage Journal

    When people are trying to slander it. They're blaming everyone under the sun, when the most likely vector is a store employee who simply plugged the device into a computer and copied the file to the flash drive.

  • by DarthVain ( 724186 ) on Tuesday March 09, 2010 @12:56PM (#31415584)

    "untrusted devices"

    It's not like this phone was bought on e-bay or some back alley. This is straight from the manufacturer.

    It baffles me that products get through QA and carry viruses, Trojans or other malware, I mean come on.

  • by sbeacom ( 1225868 ) on Tuesday March 09, 2010 @01:01PM (#31415650)
    It's not really straight from the manufacturer is it?

    I'm not sure about how Vodafone works, but most carriers around here love to brand their phones. The issue itself seems to be isolated to just the Vodafone models so could it be part of the branding they do with the phones?
  • by Manax ( 41161 ) <toertel-slashdot ... minus herbivore> on Tuesday March 09, 2010 @01:16PM (#31415860) Homepage
    That's just ridiculous. Did you even read the summary? This isn't about you installing a trojan on your phone, or about how open the platform is or isn't. It's about it COMING FROM THE CARRIER that way. This could have just as easily happened to an iPhone and had a mac or PC virus on it...
  • Re:dacoda (Score:1, Insightful)

    by Anonymous Coward on Tuesday March 09, 2010 @01:22PM (#31415962)
    This malware makes you post a bullshit link to your travel site that nobody cares about. Looks like you're infected.
  • by clone53421 ( 1310749 ) on Tuesday March 09, 2010 @01:24PM (#31416004) Journal

    From what you said, several things are glaringly obvious about your set-up.

    No antivirus.

    You probably didn’t disable autoruns.

    Most importantly, UNPATCHED NETWORKED WINDOWS MACHINES. Your firewall is NOT enough to protect them.

  • by TubeSteak ( 669689 ) on Tuesday March 09, 2010 @01:33PM (#31416148) Journal

    I can't seem to get the original panda research page to open, so here's the google cache
    http://74.125.113.132/search?q=cache:http://research.pandasecurity.com/vodafone-distributes-mariposa/ [74.125.113.132]

    It's funny how TFA treats "a researcher" and "one phone" as "some HTC phones".

  • by noidentity ( 188756 ) on Tuesday March 09, 2010 @01:36PM (#31416188)

    Following the linked article, and following that to the original post, we find that first off, it's a single phone, not more than one that had this malware, and we are informed of the software that detected this, coincidentally the commercial product the researchers are working on:

    The interesting thing is that when she plugged the phone to her PC via USB her Panda Cloud Antivirus went off, detecting both an autorun.inf and autorun.exe as malicious

    I'm rushing out today to buy this software that can do such feats as detecting this malware. They have a Linux version, right?

  • Oh? (Score:3, Insightful)

    by SmallFurryCreature ( 593017 ) on Tuesday March 09, 2010 @01:49PM (#31416402) Journal

    I agree it has nothing to do with Android, but that case had most certainly something to do with Apple. They use those crappy manufacturing facilities to save a few bucks and then save even more by not doing proper QA.

    And before you claim how innocent and harmless this is, consider what is happening to Toyota. Or the numerous quality issues with products from China and god knows how many more places. In order to maximize profits (because you can't claim cost savings are passed on to the consumer with Apple products) they cut corners everywhere and sooner or later something has to give.

    And long after the guy who got the bonus for cutting costs has left, the shit starts to happen. Toyota used to be the largest and fast growing, with the economy not affecting it nearly as much as the other car makers. Now it can't shift its cars. And the money for huge cash injections has already been spent. This might end up hurting Toyota, and for what? A few cents more to the stock holders.

    It will be interesting to find out how this phone got its extra payload, but ultimately the story will be, lack of quality control. And someday your life may depend on cut rate QA.

  • by beakerMeep ( 716990 ) on Tuesday March 09, 2010 @01:52PM (#31416444)
    Don't go the way of kdawson, soulskill.

    Next we'll be reading stuff like "My best friend's sister's boyfriend's brother's girlfriend heard from this guy who knows this kid who's going with the girl who saw Ferris pass out at 31 Flavors last night. I guess it's pretty serious. He might have Mariposa, or Conficker or something. Better get Ferris some AntiVirus software from PandaAV"
  • by beakerMeep ( 716990 ) on Tuesday March 09, 2010 @01:56PM (#31416492)
    Or maybe the "colleague" already had these viruses and they hopped over to the USB? Or maybe Panda just made it all up? Kinda hard to say when it's a single phone. But time to get out the pitchforks regardless! I like pitchforks.
  • by clone53421 ( 1310749 ) on Tuesday March 09, 2010 @02:39PM (#31417028) Journal

    First of all, please learn the difference between <strong> and <a href="">. One is bold, the other is a reference.

    Secondly, the “default” choice is still to execute the autorun. You just have to click Ok before it will perform the default action. I never said it autoruns without any prompting whatsoever; it prompts, and the default (highlighted) option is to autorun.

    It’s no different from installers that bundle the Google toolbar and the install option is checked by default. It’s no different from online forms where the “sign me up for your mailing list” option is checked by default.

    Yes, the user can manually override it, but they must have a reason to know that the “default” option is unwise. “Install the Google toolbar” is descriptive of what will happen. “Keep me informed of future products and special purchases” is descriptive of what will happen. “Autoplay” is not descriptive of what will happen in this case, because users expect a new hardware device to install itself when you plug it in and autoplay it. Installing malware is not something they’d expect.
