There's no hiding the fact that when you get something new, the first thing you want to do is open up the box, pop in the battery (if it needs a battery), and then turn that thing on and start going about your business. What you don't want, is to turn on that said device, and find out that you've got some information-jacking malware botnet program running on it. That's a bad day. That's exactly what happened to several thousand folks who had recently picked up a Vodafone Spain HTC Magic, the wireless carrier has recently admitted.
The Mariposa botnet agent has officially infected somewhere in the ballpark of 3,000 handsets, the company affirmed to Spanish media on Thursday. The company had met with their Iberian branch, along with representatives from Panda Security, who actually caught the malware infraction right from the start. Vodafone Spain provided an HTC Magic to a representative from the company to test, and that's when all this trouble first started, back at the beginning of March. While Mariposa is the big name being tossed around right now, it seems that other strains of malware were also found on many of the HTC Magics. How was the information-stealing program finding its way onto the phones? Through the SD cards. A second infection was also confirmed before the announcement earlier this week, when a handset found its way to a security consultant with S21Sec.
Vodafone Spain is now in the works of replacing 3,000 MicroSD cards. Not because they think it's a precautionary measure, but because they've fully admitted that 3,000 devices are more than likely infected. Thankfully, Vodafone itself is investigating the situation, and so far has found that the event is a "localized" one, and not spreading across other Vodafone Europe handsets. This is definitely shocking news, but we're glad that the wireless carrier is admitting to the problem, and doing what they need to do to fix the situation. Hopefully they can root out the source, and prevent anything like this happening again.
[via The Register]