Mariposa Botnet Distributed to Vodafone Customers
An unsuspecting Vodafone customer got quite a nasty surprise when she got her new HTC Magic (MyTouch 3G in the States). Upon plugging it into her Windows PC, Panda Antivirus sounded the alarm. It turns out that the new phone contained several malware programs including an installer for the Mariposa botnet.
This wasn’t just any poor soul, lost in the wilds of technology though. Nope, the victim of this sneak attack works for Panda Security. As you can imagine, her coworkers were terribly interested in the phone. Closer examination showed an autorun.inf and autorun.exe that would load the malware on any PC the phone was plugged into. Panda confirmed that the botnet was active, and when installed the software “phoned home” for instructions. They also found a Conficker variant and a password stealer.
Vodafone recently discontinued the Magic, so after current stocks are sold out no one will need fear the phone baddies. Well, until the next time this happens. So how did a Spanish hacker group get their malware on this phone? And more importantly, are more phones affected? It seems unlikely there was just one infected phone, and that it happened to be sold to a Panda employee.
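For defenders who want to check a phone's storage or a memory card before trusting it, the sketch below audits an autorun.inf of the kind described above and lists every directive that would make Windows launch a program. It is an added example, not Panda's tooling; the function names, the extension list and the sample file contents are assumptions constructed for illustration.

```python
import os
import re

# Keys in the [autorun] section that cause Windows to start a program.
LAUNCH_KEYS = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.I)
# Illustrative (not exhaustive) list of extensions worth flagging.
EXEC_EXT = re.compile(r"\.(exe|com|scr|pif|bat|cmd|vbs|js|dll|lnk)\b", re.I)

def audit_autorun(text):
    """Return (key, command, suspicious) for each launch directive found."""
    findings, in_section = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):      # blank line or comment
            continue
        if line.startswith("["):                  # section header
            in_section = line.lower().startswith("[autorun]")
            continue
        if not in_section or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if LAUNCH_KEYS.match(key):
            findings.append((key.lower(), value, bool(EXEC_EXT.search(value))))
    return findings

def scan_volume(root):
    """Audit autorun.inf in the root of a mounted volume, if one exists."""
    for name in os.listdir(root):
        if name.lower() == "autorun.inf":         # FAT file names are case-insensitive
            with open(os.path.join(root, name), errors="replace") as fh:
                return audit_autorun(fh.read())
    return []

# Constructed sample, not the file recovered from the phone.
SAMPLE = """\
; constructed sample
[AutoRun]
Open = autorun.exe
icon=drive.ico
shell\\explore\\command=autorun.exe
[Other]
open=ignored.exe
"""

if __name__ == "__main__":
    for key, command, suspicious in audit_autorun(SAMPLE):
        print(f"{key:25} {command:15} {'FLAG' if suspicious else 'ok'}")
```

Run `scan_volume` against the mount point of the device from a machine where AutoRun is disabled, so the file is inspected rather than executed.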

einstein1971
March 09, 2010 at 6:54pm
So what's interesting here is that everyone is either ignoring or glossing over the fact that the phone runs Google's Android OS...wasn't open source supposed to be virus free? Yes it installs on a Windows PC but this wonderful Google device is the point of infection. I wonder why you left that little bit out of the article????
Caboose
March 09, 2010 at 7:57pm
Just because it's open source, doesn't mean someone can't hide the malware plus file to automatically run the malware once the phone is connected to a Windows PC and an auto-scan/run is performed. If the phone had been infected and the Botnet running ON the handheld then that'd be a different story.
It's like a virus on a thumb drive...
-= I don't want to be dead, I want to be alive! Or... a cowboy! =-
IFLATLINEI
March 09, 2010 at 6:06pm
What's even more amazing that this would happen to a Panda employee? Having Panda actually catch the malware.














