Samsung Wave Comes Packed with Trojan
Samsung has confirmed that a German batch of Wave smartphones were pre-loaded with malware.
Shipping smartphones with infected microSD cards seem to be common practice as of late, with Samsung serving as the latest manufacturer to ship infected devices. Although deemed accidental, the company packaged its first-run batch of Samsung S8500 Wave smartphones with the Win32/Heur trojan embedded in slmsrv.exe. This Windows-based application is accompanied by an Autorun file located in the root of the memory card which launches when the device is connected to the user's PC (and Autorun is enabled).
"I recently received a S8500 Wave test unit from our contacts in Seoul, and the microSD card was infected," reports this user. "A quick search of the internet for "slmvsrv.exe samsung wave" turns up two postings on German discussion forum sites (Telefon-Treff and Handy-FAQ) that confirm what I have personally seen. It is worth noting that my Wave was made for the German market."
After reporting the problem to Samsung, the company confirmed that the infection only resided on microSD cards mounted in the initial run of German market Wave devices. However, as previously mentioned, it stands to question how these cards become infected in the first place, especially new models. In March we witnessed the release of over 3000 infected HTC Magic smartphones in Spain. The devices were loaded with the Mariposa and other strains of malware. Is an epidemic starting to take place?
As for the current Samsung Wave infection, it's believed that the microSD cards were compromised in the first half of May, weeks before the phones were shipped overseas. Typically PC's infected with Win32/Heur will transmit the executable and Autorun file when any memory card or USB storage device is attached.
- MSFT Retaliates Against Google's Security Claims
- The Asus Waveface Concept Devices
- VIDEO: Jobs Introduces iPad to Rebel Alliance
- Biwin's USB Drive for Beer Drinkers
- Google Dumps Windows Due to China Hack?
- Woman Sues Google for Bad Directions, Accident
- Asus Announces Tablet Notepad, the Eee Tablet
- CTA's Inflatable Wii Racecar is Awesome
- Bangladesh Bans Facebook
- RUMOR: Apple's iPad May Be Heading to Verizon
- Microsoft Revealing Hulu for Xbox in Two Weeks?
- Sanyo Shows Off Waterproof Full HD Video Cam
- Smokescreen Renders Flash in JavaScript
- Sony Gives Three Free Games with Every PSP Go
- Kidnapped Kids Found on Facebook 15 Years Later
- Verizon: No iPhone in Immediate Future
- Gizmodo Editor's Devices Examined in iPhone Case
- Sony: Retrofitting PS3 Games with 3D Challenging
- AT&T Threatens Legal Action for Emailing Its CEO
A Windows virus on the microSD card for a non-Windows phone is unlikely to occur unintentionally. This leaves the question - stupidity or conspiracy?
Nice Samsung. I think you should do something for those customers.
Is the phone REALLY that sexy?
i'll bet this happened because of an employee. how does a virus accidently get on all these devices?
I vote for stupidity and sheer laziness. Cards are probably loaded from a computer running Windows SP2 with an out-of-date copy of AVG on it. The IT guy at my work it a bit of a Mac slinging douche with no intentions of upgrading our computers from SP2 with IE6. This happens everywhere and it usually takes an issue like this to kick an IT department into action.
as annoying as it is I'm always fascinated by how much like life viruses have become. they manufacture computers in clean rooms to keep out dust and bugs and the like. soon their going to have to start using "digital" clean rooms to keep unwanted viruses out of software.
That's why the first thing you do after installing a fresh copy of Windows is disable the autorun feature.
as annoying as it is I'm always fascinated by how much like life viruses have become. they manufacture computers in clean rooms to keep out dust and bugs and the like. soon their going to have to start using "digital" clean rooms to keep unwanted viruses out of software.
They should already be doing this...
All of my IT/IS testing environments are sterile. I wouldn't dare create any deployments in a compromised setting. That's just asking to get fired/sued.
That's why the first thing you do after installing a fresh copy of Windows is disable the autorun feature.
or one can just download a Panda USB vaccine..
http://www.pandasecurity.com/homeu [...] sbvaccine/
Does Panda USB Vaccine prevent autorun from triggering from the system drive?
maybe.. it says it prevents any autorun files running regardless of location..
Now that's what I call value for money
Need to make a call to "TROJAN MAN" for a digital condom...
Sub-contractor
Left scratching my head over the actual payload.
According to some reports this file launches Win32/Heur trojan. Maybe other people can verify this in more details.
"jhansonxi 06/02/2010 10:40 PM
A Windows virus on the microSD card for a non-Windows phone is unlikely to occur unintentionally. This leaves the question - stupidity or conspiracy?"
You missed the point. The cards were infected while being loaded with the media AND attached to a pc. Then the sd card(s) went to production where it was populated to other sd cards.
So conspiracy is less likely but stupidity ... definitely.