Vodafone stands accused of distributing some HTC phones with malware pre-installed on them.
An HTC Magic phone, running the Google Android mobile operating system, was found by a researcher at Panda Security to be pre-loaded with the Mariposa bot client.
Vodafone distributes this phone to its userbase in some European countries and it seems affordable as you can get it for 0€ or 1€ under certain conditions.
Panda reports that when the researcher "plugged the phone to her PC via USB her Panda Cloud Antivirus went off, detecting both an autorun.inf and autorun.exe as malicious. A quick look into the phone quickly revealed it was infected and spreading the infection to any and all PCs that the phone would be plugged into." Urk!
The researchers also reports finding a Confiker worm and Lineage password stealing malware.
Vodafone said it is investigating, while claiming the phone must have been tampered with.