An employee at Spanish antivirus firm Panda Security received a new Android-based Vodafone HTC Magic with malware on it, according to researchers at Panda Labs.
“Today one of our colleagues received a brand new Vodafone HTC Magic with Google’s Android OS,” researcher Pedro Bustamante wrote on the Panda Research Blog on Monday.
“The interesting thing is that when she plugged the phone to her PC via USB, her Panda Cloud Antivirus went off, detecting both an autorun.inf and autorun.exe as malicious,” he wrote. “A quick look into the phone quickly revealed it was infected and spreading the infection to any and all PCs that the phone would be plugged into.”
The malware began “phoning home” for instructions, Bustamante wrote. It’s likely the user’s credentials would have been stolen, he speculated.
The malware turned out to be related to the Mariposa botnet, but there was other malware on the device too–Conficker and a Lineage password-stealing Trojan, he said.
A Vodafone spokesperson did not return an e-mail from CNET seeking comment, but The Register published a statement from Vodafone that said it is investigating the matter.
“Following extensive quality assurance testing on HTC Magic handsets in several of our operating companies, early indications are that this was an isolated local incident,” the statement said.
Last week, three people were arrested in Spain on charges of operating a massive botnet composed of 12.7 million PCs that stole credit card and bank log-in data and infected computers in half of the Fortune 1,000 companies and more than 40 banks. The botnet was dubbed “Mariposa,” which means butterfly in Spanish.
This article was first published as a blog post on CNET News.