A pretty ballsy attack here. We’ve long been afraid of backdoors being added to vendor source code – be that OS or Firmware; in the form of an environmental variable, secret user accounts or even the more subtle route of intentional “bugs”. But a standard botnet worm spreading to PCs through phones “right out of the box”? Not very subtle as we can see from how quickly this was discovered and analyzed. Seems like just another vector for the Spanish botnet recently shut down and reported on in HNNCast. The real news here is that unlike P2P, USB and HTML links, THIS vector demonstrates the compromise of Vodafone deep enough inside to actually alter shipping product. What we DON’T know yet is whether this is related to a recent Vodafone website compromise, an unrelated Internet compromise, a physical break-in, an attacker getting “the right job” or what. We think this will become an interesting story as the details get filled in.
a very useful article for everyone. I think this article is very useful for people who want to learn about Mariposa Botnet Malware and finding this On Vodafone HTC Magic...thank you very much
ReplyDeleteThat is a scary thing. Hope they can reveal the truth about it and find the solution to protect the users.
ReplyDeletereally good article on Mariposa Botnet Malware and finding this On Vodafone HTC Magic...i learned a lot from this article...its perfect way to assure the users...really impressive one..thanks
ReplyDelete