Vodafone distributes Mariposa Bot, Conficker and Lineage in HTC Magic

Viruses and malware are not new to mobile devices, however, in a somewhat startling revelation, Panda Research blog discovered that Vodafone is distributing the Mariposa bot, Conficker and Lineage password stealing malware with HTC Magic phones.

The vulnerability was found in HTC Magic phone running the Android OS which was supplied by Vodafone Germany (based on the screenshots and German language used on the computer of the Panda AV employee). The alert was triggered by Panda Cloud AV, when the phone was plugged into the PC via USB.

Malicious code was found in the Autorun files, which automatically runs when a USB drive is connected to a PC. The malware in question was identified as Mariposa bot client, which is run by an unknown guy named “tnls”. If users are infected with the virus it will automatically start contacting servers and sending data to them.

Source: advancedcpc.com

In addition to the above bot, the researcher also found traces of Conficker virus along with a password stealing malware called Lineage. There were no reports about the phone being affected by the above, but PCs without appropriate protection would definitely be vulnerable to these viruses.

It is really startling to see that both Vodafone and HTC allowed these phones to be sold without extensive testing and checks. It is not known as too how many phones are affected, however, it is a safe bet to connect your phone to your PC (with AV running), and running a quick scan on the contents of the phone.

We have contacted Vodafone and HTC for a statement, will update this post when more information becomes available.