Smart Phones Consigned With Malware-Infected Cards
Several smart phones of Samsung S8500 Wave have been shipped with a memory card that contained malware, as per the reports. Says Graham Cluley, security expert at Sophos, the malware becomes active on its own when an end-user plugs the card into a Windows PC. TGDAILY published this on June 4, 2010.
Elaborates Cluley, any Windows PC that hasn't been configured to disable its 'autorun' feature will have the malevolent file slmsrv.exe executed when the card is inserted.
This Windows-suited program called Win32/Heur is seen along with an Autorun.inf file inside the said memory card's root zone. And just as the card is plugged into a Windows computer which has its 'autorun' utility turned on, it causes the program to automatically upload itself.
And like security researchers elaborate, autorun, which is found on Windows PCs by default is what leads CDs to start automatically when installed.
Meanwhile, when the malware infects a Windows PC, the system attempts at copying the malicious software together with the accompanying 'Autorun.inf' file on its USB memory drive or a memory card which's plugged into the contaminated PC.
Additionally, the time and date displayed on the copied items is current. Consequently, these pieces of information on the malware-ridden card suggest that it was infected during the first half of May 2010, prior to the shipment of the phone to foreign countries.
Nonetheless, Cluley advised that users must scan all cards and devices prior to attaching them to their PCs despite their purchases being made fresh from an established company.
Also, says Sean Sullivan, security expert and advisor to security firm F-Secure, his firm has validated the news that some end-users' computers have been infected with the file. Sullivan further disclosed that F-Secure's telemetry suggested the infection was spreading online, though in a limited way. ZDNet published this on June 4, 2010.
Meanwhile, Samsung's device isn't alone to be infected. Earlier, other consumer devices also became contaminated with malware like Video iPods of Apple and satellite navigation gadgets of TomTom. Similarly, during 2006, a McDonald subsidiary in Japan withdrew 10,000 MP3 players following the discovery of spyware inside the devices.
Related article: Smartphone Spying Software Attacked by F-secure
» SPAMfighter News - 18-06-2010