I manage all Web initiatives for a Global CPG Company and will confirm this as fact based on data accumulated from daily security server audits spanning 6+ months. Based on the aggregate data, vodafone_spain_network contributes to approximately 7.86% of malicious scans on the Web.

On a side note, the CEO of vodafone, Vittorio Colao, on Feb 16 2010 asserted that Google doesn’t have enough competition in the online advertising space and urged more regulations too impede Google’s progress. Essentially, Colao doesn’t like Google entering the mobile arena and wants to slow Google’s entry. What I find amusing is that vodafone has been impotent/indifferent in controlling and preventing the continued spread of malware on it’s network which negatively impacts the public. Of all the companies that need some form of regulation, it should be vodafone for the sake of public welfare.

VODAFONE SPREADS MALWARE, MEANING somewhere along the process THEY DON’T CARE ENOUGH ABOUT QA, SO FINALLY MALWARE ARRIVES TO A FINAL USER INSIDE A “BRAND NEW” PRODUCT, AND FINAL USER IS NOT GUILTY: BLAME VODAFONE!

I hate to scream at the internet…

thanks Pedro, this information is VERY useful. I’ll never trust again a device with a flash card inside.

THIS IS NOT AN ANDRIOD OR HTC PROBLEM. Wiping your phone will not cure the problem because the virus is not on the phone. The phone’s andriod OS system is on flash memory formatted to a file system that Windows canot even read. Wiping the phone to factory default will NOT remove the virus!

People who use Windows on their PCs and ANY mobile device should be careful. This exact thing could happen with all smart phones, thumb drives, digital cameras, pickture frames and media players. be ESPECIALLY wary of those obscure Chinese off-brand devices like the iPhone knock-offs and other USB-connectable devices that are on eBay.

Here is probably what happened: a Vodaphone customer (one with very poor computer skills) bought a Magic and plugged it into their infected computer, mounting the installed SD card and instantly loading the malware. This clueless user probably couldn’t figure out their phone, or else thought it was “broken” because their infected computer was interfering with the sync and file transfer functionality of the phone so they returned it.

Vodaphone probably just wiped to factory default and ran their automated QA (not even connecting the phone to a Windows PC or changing the SD card) and went “hmmm…CPU OK, Radio OK, RAM OK, ROM checksum OK”…then they re-packed it and called it “fixed”. Unacceptable but unsurprising (you would be AMAZED at how many “broken” computers and related devices are returned by clueless customers purely because of malware or misconfiguration–it in fact accounts for MOST returns now!). Your “refurbished” computer or device is probably exactly the same as what was returned, just with a factory software restored. And as I said, on the Magic and most other smart phones, the in-built software is not residing on the SD card and so it is quite likely that any malware on it will remain after a factory restore. Stupid, clueless tech support!

This is not new. Those digital picture frames still very often come with similar infections, as have cameras and so forth..and the problem is mostly with refurbished devices. Some hints:

* Because Windows (even Vista and 7) are a prime target because of their market share and still have some fundamental flaws in haow they manage security you should NEVER EVER have “autorun” enabled because it is far too exploited by malware

* Make sure your anti-virus is configured to scan removable devices that you leave connected (this option can be disabled but you shouldn’t)

* Be very cautious with refurbished and used equipment. Do not plug it into the ethernet or your other computer equipment until you’ve had a look . Andriods should come with a decent filesystem browser such as ASTRO or similar so you can do this (it bugs me that they do not!). Manufacturers focus on HARDWARE it seems when they refurbish and QA on software issues is still extremely shoddy–usually limited to some automated system-image-restore–so you have to be careful about things like included SD cards that those processes do not consider.

I could tell you horror stories about Panda (we’ve been stuck with them for the last 5 years!!!) and their poor QA, poor support and poor protection in general so I suppose it is possible for a company to miss this kind of thing but I can safely say, this story is a load of shite!

Mariposa:
http://www.virustotal.com/analisis/630fb897d18ffdce8557eeab1a361d9bdd39b883fafd74f357ecef4ffb243eb8-1268225656
MD5: c45a27f8979ff98a982b584ddc1fc58d

Lineage:
http://www.virustotal.com/analisis/c2759b4943c6baca2cd51dc0326936de8d91af94c03a827b9ffd817bcb410ebd-1265221714
MD5: 97893d7c4984cc1b6e41c4ef598bb9d6

Am I the only one who can detect the pungent odour of Snake Oil in this ridiculous beat-up ?