Samsung Wave ships with malware-infected memory card

Filed Under: Malware, Mobile

Samsung Wave
Take care if you've recently bought a Samsung S8500 Wave smartphone - it could have come pre-installed with malware on its memory card.

According to reports, the 1GB microSD card that ships with the sexy bada touch-screen smartphone carries an unwelcome surprise - a piece of malware that can automatically run if you plug the card into your Windows computer.

The tell-tale sign of infection is the existence of the aUtoRuN.iNF and slmsrv.exe files on the microSD card. If you haven't configured your Windows computer to ignore the autorun command, then when you plug the card into your PC the malicious slmsrv.exe file will be executed.

Samsung Wave microSD card, containing Autorun malware

Samsung has informed the media that "only the initial production run of Samsung S8500 Wave devices for the German market were shipped with infected 1GB microSD memory cards. Future shipments, and those sent to other markets, should be virus free."

However, I've been unable so far to find any reference to the incident on Samsung's German website - which does beg the question as to how potential victims in the country are supposed to be informed about the issue.

18 months ago I blogged about another security incident involving Samsung products, when it shipped digital photo frames complete with a copy of the Sality worm.

In the past, other consumer gadgets to have been infected by malware include TomTom satellite navigation devices and Apple Video iPods. In 2006, the Japanese subsidiary of McDonald's recalled 10,000 MP3 players after discovering that they had been infected by a spyware Trojan horse.

The lesson is simple, folks - scan everything that you plug into your computer for malware, even if it has been freshly bought from a reputable vendor.

, ,

You might like

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.