Windows malware found on HTC Android phone; Macintosh and iPhone unaffected

“An employee at Spanish antivirus firm Panda Security received a new Android-based Vodafone HTC Magic with malware on it, according to researchers at Panda Labs,” Elinor Mills reports for CNET.

MacDailyNews Take: Our condolences to the employee. Nobody should receive an HTC Android phone when Apple iPhones exist.

Mills continues, “‘Today one of our colleagues received a brand new Vodafone HTC Magic with Google’s Android OS,’ researcher Pedro Bustamante wrote on the Panda Research Blog on Monday. ‘The interesting thing is that when she plugged the phone to her PC via USB, her Panda Cloud Antivirus went off, detecting both an autorun.inf and autorun.exe as malicious,’ he wrote. ‘A quick look into the phone quickly revealed it was infected and spreading the infection to any and all PCs that the phone would be plugged into.'”

MacDailyNews Take: iPhone and Macintosh unaffected (not that any real Mac user would inflict an HTC Magic upon themselves). This one’s a twofer: The upside-down and backwards poorly-faked Mac gets infected by the upside-down and backwards poorly-faked iPhone. How apropos.

Mills continues, “The malware began ‘phoning home’ for instructions, Bustamante wrote. It’s likely the user’s credentials would have been stolen, he speculated. The malware turned out to be related to the Mariposa botnet, but there was other malware on the device too–Conficker and a Lineage password-stealing Trojan, he said.”

Full article here.

MacDailyNews Take: Ah, the joys of an “open” (sort of) platform. By the way, there are currently tens of millions more iPhone OS devices than there are Android devices in the world today, yet Android is the one that’s infected. The “security via obscurity” argument fails yet again.

[Thanks to MacDailyNews Reader “Mike D.” for the heads up.]


  1. Someone should start a pool on how long it will be before Google turns Android over to a Nonprofit Foundation to “better promote its broad acceptance around the world” and moves on to try the next flash of brilliance that catches their fancy.

  2. Meanwhile, Senate staffers are apparently getting viruses from two websites, DrudgeReport and

    Mac users and PC users in the real world are not affected….

  3. Someone at Vodafone España should be fired for this. There is a strong chance someone at HTC may have “preloaded” the phones with malware. However, since Vodafone customises the devices, this should have been caught. It is an embarrassment of colossal proportions.

    It will be interesting to watch what happens once this news makes its rounds around the world.

  4. Don’t be too quick to judge. Does anyone else remember a few years back when iPods were found to be shipping with some Windows malware? Seems it got into the PC in the factory that did the final format or some such of the iPod.

  5. @ MDN
    “By the way, there are currently tens of millions more iPhone OS devices than there are Android devices in the world today, yet Android is the one that’s infected. The “security via obscurity” argument fails yet again.”

    ^^^Everyone read that 10 times.

  6. @TowerTone

    Drudge doesn’t do viruses.

    The Drudge Report noted that it served more than 29 million pages Monday without an e-mail complaint about “‘pop ups,’ or the site serving ‘viruses.'”

    “The site was seen 149,967 times since March 1st from users at and 244,347 times at [10,825 visits from the White House,]” the Drudge Report wrote.

    “The Systems Administrator may want to continue taking her antibiotic until the prescription runs out.”

  7. “Google should just make Google-versions of every product and service that Apple doesn’t make.”

    Uh, don’t seeing them being able to do that.

    Why does anyone think that the ability to make a good search engine places a company any where near a company that makes the best operating system in the world?

    They have not shown that they can do anything but make a search engine, a good one, but not anywhere near the same level.

  8. An iPhone could have easily been the carrier. Like the Android, it wouldn’t have been “infected”. But … how was the download executed? My understanding was that the automated handshake resulted in a transfer TO the phone, rather than FROM the phone.
    Either way, the phone was not so much “infected” as it was a “carrier”. Like a thumb drive with malware stored on it, the drive loses nothing but a bit of storage space.

  9. Micro$oftopoly has other worries as well. The Toyota Prius runs embedded Windows and we all know of the runaway Prius. Could it be that Windoze or Windoze malware is the culprit.

    Think I’m crazy? Toyota recalled Priuses a couple of years back due to the software being infected with Windows malware. I’m sure some lawyer(s) somewhere are checking this out.

  10. Come on MDN, this is just downright shamefully bad reporting, the HTC device in question wasn’t any more “infected” than the iPods preloaded with malware a little while back. I’m a huge mac person and have had the iPhone since the DAY it came out. But if Apple doesn’t shape up with their controlling nonsense, I’ll be switching to Android. Mac OS X is not locked down the way iPhone OS is, and it doesn’t have problems so your assertion about the joys of the open platform (android) FAIL!

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.