Skip to main content

Another HTC Magic Smartphone Sports Malware

Is Vodafone infecting HTC Magic smartphones? That's seemingly the case. Last week we reported that a Panda Security employee discovered three malware programs on his new HTC Magic from Vodaphone. Now Panda Security is reporting that a second HTC Magic smartphone contains malware, however this time the infected device was spotted by security firm S21Sec over in Spain.

"This guy had also purchased an HTC Magic direct from Vodafone’s official website the same week as my co-worker," said Pedro Bustamante of Panda in this blog. "He hadn’t connected the phone to his PC yet, but as soon as he saw the news, he hurried back home, plugged it in via USB and scanned its memory card with both MalwareBytes and AVG Free. Lo and behold, Mariposa emerged again, exactly in the same way as in our original finding."

Bustamante said that the S21Sec employee sent him the phone's microSD card so that he could find out what happened. The dates of the files led him to believe that this particular Vodaphone HTC Magic was loaded with the Mariposa bot client around one week before the phone was shipped to the S21Sec employee. Bustamante also discovered that the malware was nestled in the same spot as the previous phone.

"Vodafone stated it was an isolated incident, but that theory is losing ground as quick as you can say 'p0wn3d.'" he said. "Originally I had thought it was an issue with a specific refurbished phone as well. But having the exact same botnet client with the exact same characteristics, with such little time difference between the malware being loaded and delivered to the client and all happening during the same week, makes me think this might be a bigger problem, either with QA or with a specific batch of phones."

He warned consumers who purchased the HTC Magic from Vodephone-- a few weeks before or after March 1st 2010-- to scan both the PC and microSD card.

  • dman3k
    Verizon/Vodafone probably has a clown at a store flashing the phone with a virus. The joke will be soon on him.

    p.s. the last vodafone is misspelled as "vodephone."
    Reply
  • deadlockedworld
    And I should trust this thing for online banking apps? LOL.
    Reply
  • JohnnyLucky
    major bummer. I'll bet it will kill sales and revenue.
    Reply
  • dan117
    What the fuck is Vodaphone?
    Reply
  • amabhy
    Hmm... love how this is coming out of the mouth of someone working at an antivirus company

    And theyre not even sure which phones have it... PR campaign perhaps?
    Reply
  • maestintaolius
    dan117What the fuck is Vodaphone?Well, considering there's 30 different spellings of Vodafone in this article...

    Otherwise, Vodafone is pretty much the world player everywhere that isn't China or the US (and they own a large chunk of Verizon).
    Reply
  • WheelsOfConfusion
    deadlockedworldAnd I should trust this thing for online banking apps? LOL.You shouldn't trust any cell phone for banking apps.
    Reply
  • bak0n
    It's probably done in China in one of their gold farming operation sites
    Reply