You are here

HomeCarlo Orlando › Conficker Worm Lives On in Taiwanese 'Magic' Phone

Conficker Worm Lives On in Taiwanese 'Magic' Phone

Dennis Faas's picture
by Carlo Orlando on March, 10 2010 at 08:03AM EST

It seems ironic that as the first of April draws near, the dreaded Conficker worm has resurfaced yet again in the media.

April 1, 2010 will mark the one-year anniversary of the date that the Conficker virus was set upon the world, infecting millions of computers. And while many feel the worm failed to live up to its hype, its presence is still being felt across the globe.

Security Researcher Discovers Malware on Phone

A Panda Security employee recently discovered the worm (along with two other malware programs) on his new HTC Magic phone. The malware was activated once the phone was plugged into a Windows computer.

The three malware programs included: the Conficker worm, a lingering client of the now-defunct Mariposa botnet and a password-stealing program from a game called 'Lineage'. (Source: macworld.com)

Conficker's New Source Identified

The source of the malware was discovered on the phone's 8GB microSD memory card, which mounts as an external drive when plugged into a Windows PC. No activation is required from the user since, when plugged into a Windows PC, the Mariposa botnet will run automatically.

The Conficker worm adds its own dangers to this malware hybrid. Surprisingly, the worm continues to infect millions of machines, despite receiving little fanfare.

The password-stealing program will not run automatically, but will still cause its fair share of damage once someone double-clicks the file and unknowingly launches the infection themselves.

Refurbished Phone, Not HTC, To Blame

Meanwhile, HTC is doing what it can to deflect the blame away from their company.

Analysts side with the Taiwanese manufacturer, since the phone has been on the market for more than a year, so it is probable that the malware programs were not installed at the factory-level. Rather, the phone was believed to have been purchased by a different consumer, and the microSD card became corrupt after being plugged into an infected PC.

The good news is that many phones can easily be reset back to their factory settings with the push of a couple of buttons. This step should have been standard procedure before selling a refurbished phone. (Source: yahoo.com)

Many believe that this was an isolated case of HTC phone-related malware infection.

Filed under:
Security
| Tags:
conficker worm
,
malware programs
,
phone
,
plugged
,
htc
Rate this article: 
No votes yet
Need Help? Ask!



My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).

We are BBB Accredited

We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.