“An employee at Spanish antivirus firm Panda Security received a new Android-based Vodafone HTC Magic with malware on it, according to researchers at Panda Labs,” Elinor Mills reports for CNET.
MacDailyNews Take: Our condolences to the employee. Nobody should receive an HTC Android phone when Apple iPhones exist.
Mills continues, “‘Today one of our colleagues received a brand new Vodafone HTC Magic with Google’s Android OS,’ researcher Pedro Bustamante wrote on the Panda Research Blog on Monday. ‘The interesting thing is that when she plugged the phone to her PC via USB, her Panda Cloud Antivirus went off, detecting both an autorun.inf and autorun.exe as malicious,’ he wrote. ‘A quick look into the phone quickly revealed it was infected and spreading the infection to any and all PCs that the phone would be plugged into.'”
MacDailyNews Take: iPhone and Macintosh unaffected (not that any real Mac user would inflict an HTC Magic upon themselves). This one’s a twofer: The upside-down and backwards poorly-faked Mac gets infected by the upside-down and backwards poorly-faked iPhone. How apropos.
Mills continues, “The malware began ‘phoning home’ for instructions, Bustamante wrote. It’s likely the user’s credentials would have been stolen, he speculated. The malware turned out to be related to the Mariposa botnet, but there was other malware on the device too–Conficker and a Lineage password-stealing Trojan, he said.”
Full article here.
MacDailyNews Take: Ah, the joys of an “open” (sort of) platform. By the way, there are currently tens of millions more iPhone OS devices than there are Android devices in the world today, yet Android is the one that’s infected. The “security via obscurity” argument fails yet again.
[Thanks to MacDailyNews Reader “Mike D.” for the heads up.]
Ha! So Sad too Glad i have an iPhone!
Someone should start a pool on how long it will be before Google turns Android over to a Nonprofit Foundation to “better promote its broad acceptance around the world” and moves on to try the next flash of brilliance that catches their fancy.
Meanwhile, Senate staffers are apparently getting viruses from two websites, DrudgeReport and whitepages.com.
Mac users and PC users in the real world are not affected….
Someone at Vodafone España should be fired for this. There is a strong chance someone at HTC may have “preloaded” the phones with malware. However, since Vodafone customises the devices, this should have been caught. It is an embarrassment of colossal proportions.
It will be interesting to watch what happens once this news makes its rounds around the world.
Now that was quick !
How’s that hope and change workin out for ya?!?
Energizer Battery Charger Software Included Backdoor – Macs unaffected.
http://www.krebsonsecurity.com/2010/03/energizer-battery-charger-software-included-backdoor/
(I sent this to MDN this morning – I guess if it doesn’t involve an iSomething killer, they’re not interested.)
Google should just make Google-versions of every product and service that Apple doesn’t make.
Some of the comments from the article are saying an iPhone or iPod could also carry malware that could infect a Windows PC.
Is that possible?
Makes you wonder if HRC puts these malwares on the phones intentionally and gets a piece of everything. Or at least an employee. Otherwise, it’s hard to see how this situation could occur.
Don’t be too quick to judge. Does anyone else remember a few years back when iPods were found to be shipping with some Windows malware? Seems it got into the PC in the factory that did the final format or some such of the iPod.
@ MDN
“By the way, there are currently tens of millions more iPhone OS devices than there are Android devices in the world today, yet Android is the one that’s infected. The “security via obscurity” argument fails yet again.”
^^^Everyone read that 10 times.
I suppose you all forgot about the iPods with malware? http://www.sophos.com/pressoffice/news/articles/2006/10/ipod-ships-with-virus.html Obviously Macs were still unaffected but it can happen anywhere.
@TowerTone
Drudge doesn’t do viruses.
The Drudge Report noted that it served more than 29 million pages Monday without an e-mail complaint about “‘pop ups,’ or the site serving ‘viruses.'”
“The site was seen 149,967 times since March 1st from users at senate.gov and 244,347 times at house.gov. [10,825 visits from the White House, eop.gov]” the Drudge Report wrote.
“The Systems Administrator may want to continue taking her antibiotic until the prescription runs out.”
http://www.foxnews.com/politics/2010/03/09/senate-warns-staffers-stay-clear-drudge-report/
Microsoft TAX Extension! LOL
@Bob
Yeah, that makes no sense. But I guess you’ll just repeat anything you hear of Fox News.
Very funny how that worm always turns!
I saw a new Verizon ad tonight with a 2 for 1 deal on the Droid for $199.00. The Droid is selling well.
@ CYxodus
Exactly, which is why I put the emphasis on ‘real’ world.
“Google should just make Google-versions of every product and service that Apple doesn’t make.”
Uh, don’t seeing them being able to do that.
Why does anyone think that the ability to make a good search engine places a company any where near a company that makes the best operating system in the world?
They have not shown that they can do anything but make a search engine, a good one, but not anywhere near the same level.
An iPhone could have easily been the carrier. Like the Android, it wouldn’t have been “infected”. But … how was the download executed? My understanding was that the automated handshake resulted in a transfer TO the phone, rather than FROM the phone.
Either way, the phone was not so much “infected” as it was a “carrier”. Like a thumb drive with malware stored on it, the drive loses nothing but a bit of storage space.
Micro$oftopoly has other worries as well. The Toyota Prius runs embedded Windows and we all know of the runaway Prius. Could it be that Windoze or Windoze malware is the culprit.
Think I’m crazy? Toyota recalled Priuses a couple of years back due to the software being infected with Windows malware. I’m sure some lawyer(s) somewhere are checking this out.
@ qka
An interesting article mon ami, it just goes to show that even buying reliable brands doesn’t keep you safe sometimes.
@kenh. Google seems to want their thumb in so many pies. Instead of Android, Picasso, Chrome, G-office, G-tv, G-AppStore, etc, I’d rather see Google versions of paperclips, aspirins, jello, taxi-service, etc.
Come on MDN, this is just downright shamefully bad reporting, the HTC device in question wasn’t any more “infected” than the iPods preloaded with malware a little while back. I’m a huge mac person and have had the iPhone since the DAY it came out. But if Apple doesn’t shape up with their controlling nonsense, I’ll be switching to Android. Mac OS X is not locked down the way iPhone OS is, and it doesn’t have problems so your assertion about the joys of the open platform (android) FAIL!