ComputerWeekly has a story today about UK security researchers accidentally discovering that a new out-of-the-box Vodafone HTC Magic smartphone running Google's Android software contained a Mariposa bot client. Once the smartphone was attached to the owner's PC, the bot would have "phoned home" with the user's credentials and passwords.
Vodafone says that it is the " world's leading mobile telecommunications company."
The researchers say that the malware is in the Vodafone smartphone's memory card and not in the Android software.
Speculation is that either an employee installed the malware, or that it was in a returned phone and its memory card was reused.
Today's ComputerWeekly story says that more Vodafone HTC Magic smartphones are going to be checked by the researchers to see if this was a one-off incident or something more widespread.
Either way, the researchers say, Vodafone needs to improve its quality control.
This news follows that of a similar incident this week involving the announcement by US CERT security researchers that the Energizer Duo USB battery charger, Model CHUSB, has contained a backdoor Trojan program that allows unauthorized remote system access. This eWeek.com story says that it may have been around for possibly three years. The news has prompted Energizer Battery to:
"discontinued sale of this product and has removed the site to download the software. In addition, the company is directing consumers that downloaded the Windows version of the software to uninstall or otherwise remove the software from your computer. This will eliminate the vulnerability. In addition CERT and Energizer recommend that users remove a file that may remain after the software has been removed. The file name is Arucer.dll, which can be found in the Window system32 directory."
The company also stated that it "is currently working with both CERT and U.S. government officials to understand how the code was inserted in the software."
Installing malware at the factory is becoming a less isolated incident, unfortunately. Last May, for instance, new M&A Companion Touch netbooks were found to contain malware. Kaspersky Labs, which found the malware, warned users that they should scan virgin systems for malware before connecting them to the Internet.
Very good advice, indeed.
A few more incidents like this and it won't be long before we start to see companies needing to tout their electronic products as being not only wonderful but "virus free".
Robert N. Charette is a Contributing Editor to IEEE Spectrum and an acknowledged international authority on information technology and systems risk management. A self-described “risk ecologist,” he is interested in the intersections of business, political, technological, and societal risks. Charette is an award-winning author of multiple books and numerous articles on the subjects of risk management, project and program management, innovation, and entrepreneurship. A Life Senior Member of the IEEE, Charette was a recipient of the IEEE Computer Society’s Golden Core Award in 2008.
