According to Computerworld, Panda Security is investigating how three malware programs got on a recently purchased HTC Magic phone that belonged to a Panda employee.
The phone contained a client for the now-defunct Mariposa botnet, the Conficker worm and a password stealer for the Lineage game. The malware was found on the phone's microSD memory card.
How did the malware get there? It's unlikely that the programs were installed in the factory, says Pedro Bustamante, Panda Security's senior research adviser. Instead, he thinks that the phone was originally purchased by someone else. The microSD card likely became infected after the phone was plugged into an infected PC. The phone was then returned to Vodafone and wasn't cleaned before it was sent to another person.