Conficker Worm Lives On in Taiwanese 'Magic' Phone

Dennis Faas's picture

It seems ironic that as the first of April draws near, the dreaded Conficker worm has resurfaced yet again in the media.

April 1, 2010 will mark the one-year anniversary of the date that the Conficker virus was set upon the world, infecting millions of computers. And while many feel the worm failed to live up to its hype, its presence is still being felt across the globe.

Security Researcher Discovers Malware on Phone

A Panda Security employee recently discovered the worm (along with two other malware programs) on his new HTC Magic phone. The malware was activated once the phone was plugged into a Windows computer.

The three malware programs included: the Conficker worm, a lingering client of the now-defunct Mariposa botnet and a password-stealing program from a game called 'Lineage'. (Source:

Conficker's New Source Identified

The source of the malware was discovered on the phone's 8GB microSD memory card, which mounts as an external drive when plugged into a Windows PC. No activation is required from the user since, when plugged into a Windows PC, the Mariposa botnet will run automatically.

The Conficker worm adds its own dangers to this malware hybrid. Surprisingly, the worm continues to infect millions of machines, despite receiving little fanfare.

The password-stealing program will not run automatically, but will still cause its fair share of damage once someone double-clicks the file and unknowingly launches the infection themselves.

Refurbished Phone, Not HTC, To Blame

Meanwhile, HTC is doing what it can to deflect the blame away from their company.

Analysts side with the Taiwanese manufacturer, since the phone has been on the market for more than a year, so it is probable that the malware programs were not installed at the factory-level. Rather, the phone was believed to have been purchased by a different consumer, and the microSD card became corrupt after being plugged into an infected PC.

The good news is that many phones can easily be reset back to their factory settings with the push of a couple of buttons. This step should have been standard procedure before selling a refurbished phone. (Source:

Many believe that this was an isolated case of HTC phone-related malware infection.

Rate this article: 
No votes yet