Samsung smartphone shipped with malware-infected memory card

The latest mass-market product that has been found being shipped to customers while containing malware is the Samsung S8500 Wave phone with the Samsung bada mobile platform.

The malicious file in question is slmvsrv.exe, and can be found on the 1GB microSD memory card contained in the smartphone. The malicious file is accompanied by an Autorun.inf file, which installs itself on any Windows PC that still has the autorun feature enabled.

According to Michael Oryl, he received a device for testing and after he found out that the card was infected, he did an online search for the file in question and unearthed two posts on some German forums that claim the same. He contacted Samsung, and they confirmed that the initial production run of the devices shipped to Germany was, indeed, infected.

“A PC that is infected with the malware will try to copy the program and associated autorun.inf file onto any memory card or USB memory drive that is inserted into the infected computer. The copied files will show the then-current date and time, which indicates that our memory card was infected in the first half of May, before the phone was shipped overseas to us,” says Oryl.