Cellphones Botnet Security

Memory Cards of 3,000 Phones Infected By Malware

Posted by kdawson
from the speak-clearly-so-the-botnet-can-hear dept.
itwbennett sends us a few links from IT World tracing a story about infected microSD cards in Vodafone-supplied mobile phones. "The original report came on March 8 after an employee of Panda Security plugged a newly ordered HTC Magic phone from Vodafone into a Windows computer, where it triggered an alert from the antivirus software. Further inspection of the phone found the device's 8GB microSD memory card was infected with a client for the now-defunct Mariposa botnet, the Conficker worm, and a password stealer for the Lineage game. At that point it was thought to be an issue with a specific refurbished phone. On Wednesday another phone surfaced with traces of the Mariposa botnet. And now Vodafone is saying that as many as 3,000 HTC Magic phones may be affected."

  • Smart phones? (Score:5, Interesting)

    by Wowsers (1151731) on Friday March 19, 2010 @03:04PM (#31542122) Journal
    How long before dedicated code will be found to use smart mobiles for some kind of bot-nets?
  • ...do you suppose shipped out on those SD cards. I know where my mind strays, but more likely it was probably a bunch of pictures of cats and annoying ringtones.
  • Honest Question (Score:3, Interesting)

    by DIplomatic (1759914) on Friday March 19, 2010 @03:06PM (#31542150) Journal
    Is stuff like this malicious? Like someone at the memory card plant put the virus executables on the hardware? Or is it just a case of the worker having an infected computer, which then infected the memory cards?
    • Probably incidental (Score:5, Interesting)

      by mbessey (304651) on Friday March 19, 2010 @04:04PM (#31542864) Homepage Journal

      In the one case I'm familiar with, which was at another company, the infection was traced to a single PC on the production floor that was just *packed* with malware. Apparently, it had been re-purposed from somebody's desk to the QA station when production capacity was expanded.

      This was at a reputable, top-tier contract manufacturing company.

      • Apparently, it had been re-purposed from somebody's desk to the QA station when production capacity was expanded.

        Re-purposed and not cleaned beforehand? I thought it was SOP to wipe the drives of any re-purposed machine . . .

        • Re: (Score:3, Insightful)

          by Belial6 (794905)
          No, it SHOULD be SOP. It should be trivial, but I haven't been in a single business where it actually was SOP. I'm not saying that there are not businesses that do it right, but you don't get to look like a hero fixing computer problems if there are no computer problems to fix.
      • Why The Fsck are they using Windows to format SD cards?

        Since most cards are in Fat32, Linux can do it, OSX can do it, BeOS could do it, and my guess is even eComstation can do it.

        Why the heck are they using a *Windows* machine to prep the card in the beginning?
  • Ah-Ha!!! (Score:2, Funny)

    by Vinegar Joe (998110)

    I sense the Evil Hand of Steve Jobs behind this!!!!

  • by grahamsaa (1287732) on Friday March 19, 2010 @03:09PM (#31542186)
    How do they know it's not 2,000 or 10,000? Hell, earlier this week it was an "isolated incident."
    • Don't know how many phones they make a year, but in a phone market that sells hundreds of millions of phones each year, 3,000 is a pretty isolated incident. Even 10,000 isn't that much.

    • Re: (Score:3, Insightful)

      by Zerth (26112)

      Perhaps they run them in batches of 3000 and the skid before and the skid after were clean?

    • Re: (Score:3, Funny)

      by BlueBoxSW.com (745855)

      When you take the number of HTC Magic phones that shipped, and subtract the number that were returned, you get 3,000.

      OK, that was mean. I've gotta get outside.

    • >>>"Democracy is the pathetic belief in the wisdom of collective ignorance." -- H.L. Mencken

      Actually studies have found that when you take a mob of people, and have them make guesses, they often come up with the right answer. For example, ask an audience to guess how many jellybeans are in a jar, average their answers, and you'll have the correct answer +/- 1 jellybean.

      BACK TO TOPIC:

      What good is an 8 gigabyte RAM card? You can't even run Windows 95 on that?

      • Re: (Score:3, Informative)

        Windows 95:
        "Official system requirements were an Intel 80386 DX CPU of any speed, 4 MB of system RAM, and 120 MB of hard drive space."
        • Re: (Score:3, Informative)

          "This configuration was distinctly suboptimal for any productive use..... if any networking or similar components were installed the system would refuse to boot with 4 megabytes of RAM. To achieve optimal performance, Microsoft recommends an Intel 80486 or compatible microprocessor with at least 8 MB of RAM."

          Apparently even back then Microsoft was taking the ACTUAL requirements, and dividing them in half, like when they claimed Vista would work on 1/2 gig of RAM when it clearly could not.

      • by jonbryce (703250)

        I ran it on a 1.2GB hard drive when it first came out.

  • by Anonymous Coward

    From TFA:
    With the first phone, the Mariposa botnet code automatically ran and attempted to infect a computer. Mariposa was at one time one of the largest botnets, but security researchers were able to shut it down in December after disabling its command-and-control servers

    It's a Windows malware, right? So a "Windows" computer connects to the phone's sdcard and attempts to autorun whatever on it.
    I don't see how the malware can somehow be activated and affect Android Linux O/S running on ARM chip inside a user-mod

    • Re: (Score:2, Insightful)

      From TFA: With the first phone, the Mariposa botnet code automatically ran and attempted to infect a computer. Mariposa was at one time one of the largest botnets, but security researchers were able to shut it down in December after disabling its command-and-control servers

      It's a Windows malware, right? So a "Windows" computer connects to the phone's sdcard and attempts to autorun whatever on it. I don't see how the malware can somehow be activated and affect Android Linux O/S running on ARM chip inside a user-mode VM. Do botnets have legs now?

      It's irrelevant what operating system the malware operates on. The fact that malware came pre-loaded is troubling.

      • by mpe (36238)
        It's irrelevant what operating system the malware operates on. The fact that malware came pre-loaded is troubling.

        Especially given that there's no good reason for memory cards to come "pre-loaded" with anything at all and the phone's firmware has the ability to format memory cards.
  • by rolfwind (528248) on Friday March 19, 2010 @03:56PM (#31542756)

    Does Apple have a patent on this already?

  • Lineage (Score:2, Funny)

    by Chees0rz (1194661)
    Can I just say it's amazing that Lineage is still popular enough in Asian countries that people are stealing passwords for it like this. If only it held on in the US... that game gave me so many lovely hours of punching ents.

    No bark... no fruit!

    • I'm surprised that we don't see more things like this here in the US with World of Warcraft. It's huge and hacked accounts generate a ton of gold that can be sold for a lot of money.
  • quality control (Score:2, Insightful)

    by jmnormand (941909)
    And this is what happens when you buy from the lowest bidder in China.
  • There are frequent slashdot postings saying that anti-virus programs are a waste of time.

    Maybe this is one example of why it might be a good idea to have one available for an occasional scan. Admittedly anyone running a *nix based computer would not have had a problem with this malware.

    • by RAMMS+EIN (578166)

      ``Admittedly anyone running a *nix based computer would not have had a problem with this malware.''

      I can't help but wonder "how long?"

      How long until we *nix users start having to bog down our systems in order to slow the flood of malware that would otherwise corrupt them?

      • by grcumb (781340)

        ``Admittedly anyone running a *nix based computer would not have had a problem with this malware.''

        I can't help but wonder "how long?"

        How long until we *nix users start having to bog down our systems in order to slow the flood of malware that would otherwise corrupt them?

        Given that viruses and other malware have been a fact of life for as long as I've been using PCs (i.e. early '90s), and that they have never been an issue for Mac or Linux, even in the days when Macs were nearly as numerous as PCs, I'm inclined to say that day will never come.

        What's more likely is that -just like Unix/Linux did- Windows will ultimately drag itself out of the morass of insecurity in which it's currently mired. Eventually....

        ... Possibly even in my lifetime. 8^)

  • This comes as no surprise to me, and I remember thinking, when I saw console systems such as the Dreamcast go online, how long will it be before these systems act as gateways for malware as they continue to make devices more networkable. Nowadays with all the major consoles and smart phones online and tethered to your PC it seems more dangerous than ever. How many of you have anti virus for your PlayStation 3, Xbox 360, Wii, iPhone, or Droid?
  • Holy crap, that's a lot more phones than I last read. And the Mariposa botnet isn't completely out of the picture. It may be old, but it's still a possible threat, especially if someone has access to phone cards.
  • Similar Experience (Score:3, Informative)

    by boliboboli (1447659) on Saturday March 20, 2010 @03:42AM (#31548000)

    I purchased a digital picture frame made by Insignia in 2008. When plugged into my PC, my AV (Nod32 Eset) found two files it listed as viruses. After removing them, the picture frame worked fine.

    About a month later Insignia sent a letter explaining there may have been viruses on the internal memory of the frame. I think this happens quite a bit.
