Windows malware found on HTC Android phone; Macintosh and iPhone unaffected

“An employee at Spanish antivirus firm Panda Security received a new Android-based Vodafone HTC Magic with malware on it, according to researchers at Panda Labs,” Elinor Mills reports for CNET.

MacDailyNews Take: Our condolences to the employee. Nobody should receive an HTC Android phone when Apple iPhones exist.

Mills continues, “‘Today one of our colleagues received a brand new Vodafone HTC Magic with Google’s Android OS,’ researcher Pedro Bustamante wrote on the Panda Research Blog on Monday. ‘The interesting thing is that when she plugged the phone to her PC via USB, her Panda Cloud Antivirus went off, detecting both an autorun.inf and autorun.exe as malicious,’ he wrote. ‘A quick look into the phone quickly revealed it was infected and spreading the infection to any and all PCs that the phone would be plugged into.'”

MacDailyNews Take: iPhone and Macintosh unaffected (not that any real Mac user would inflict an HTC Magic upon themselves). This one’s a twofer: The upside-down and backwards poorly-faked Mac gets infected by the upside-down and backwards poorly-faked iPhone. How apropos.

Mills continues, “The malware began ‘phoning home’ for instructions, Bustamante wrote. It’s likely the user’s credentials would have been stolen, he speculated. The malware turned out to be related to the Mariposa botnet, but there was other malware on the device too–Conficker and a Lineage password-stealing Trojan, he said.”

Full article here.

MacDailyNews Take: Ah, the joys of an “open” (sort of) platform. By the way, there are currently tens of millions more iPhone OS devices than there are Android devices in the world today, yet Android is the one that’s infected. The “security via obscurity” argument fails yet again.

[Thanks to MacDailyNews Reader “Mike D.” for the heads up.]


  1. Someone should start a pool on how long it will be before Google turns Android over to a Nonprofit Foundation to “better promote its broad acceptance around the world” and moves on to try the next flash of brilliance that catches their fancy.

  2. Meanwhile, Senate staffers are apparently getting viruses from two websites, DrudgeReport and

    Mac users and PC users in the real world are not affected….

  3. Someone at Vodafone España should be fired for this. There is a strong chance someone at HTC may have “preloaded” the phones with malware. However, since Vodafone customises the devices, this should have been caught. It is an embarrassment of colossal proportions.

    It will be interesting to watch what happens once this news makes its rounds around the world.

  4. Makes you wonder if HRC puts these malwares on the phones intentionally and gets a piece of everything. Or at least an employee. Otherwise, it’s hard to see how this situation could occur.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.