The IDG News Service reports that a Panda Security employee has discovered three malware programs on a new, out-of-the-box HTC Magic phone. The malicious programs were discovered when the employee plugged the device into a Windows-based PC.
The three malware programs consisted of a client for the Mariposa botnet (now defunct), the Conficker worm, and a password stealer for Lineage, the game. All three programs resided on the phone's SD card--the Mariposa botnet client even automatically loaded when the device was connected to the PC.
Because the HTC Magic has been on the market for a year, it's unlikely that the malware programs were installed at the factory. British wireless carrier Vodafone said that this was probably an isolated incident. "We will obviously fully investigate this and make sure that any necessary changes to our security policies are put in place," a spokesperson said.
Panda believes that the phone was purchased by someone else and was thus returned to Vodaphone already infected. More than likely the UK wireless carrier neglected to re-format the card or re-flash the phone's memory before re-boxing the device and distributing it to another customer... namely the Panda Security employee.