Samsung has shipped smartphones with memory cards containing malware.
In some of the affected Samsung S8500 devices, the 1GB microSD card that comes with the device contains a piece of malware that can automatically start-up once the device is plugged into a Windows PC.
Those microSD cards containing aUtoRuN.iNF and slmsrv.exe files are most likely infected, according to Graham Cluley, senior technology consultant at security vendor Sophos.
"If you haven't configured your Windows computer to ignore the autorun command, then when you plug the card into your PC the malicious slmsrv.exe file will be executed," Cluley explained in a blog post.
Samsung claimed that only the S8500 Wave smartphones from the initial production run shipped to Germany are affected. Samsung would not confirm the exact number of infected devices.
Devices sent to the UK should be free from infection, Samsung said.
Cluley said that when he tried to find information on the malware incident from the German Samsung website, he could not find anything.
"[This] does beg the question as to how potential victims in the country are supposed to be informed about the issue", he said. "The lesson is simple, folks - scan everything that you plug into your computer for malware, even if it has been freshly bought from a reputable vendor."
Samsung is not the only tech company to send out malware on its devices. In May, IBM did the same with USB sticks in Australia.
"This is an isolated issue that took place solely in the German market," said Samsung in a statement. "All products currently available on the market have been tested and are perfectly safe for use. This problem does not and did not affect the UK."
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
100 million Samsung Galaxy devices vulnerable to cryptographic key hackNews Widespread flaws in hardware-backed key management could enable hackers to bypass FIDO2 authentication
-
Researcher awarded $50,000 for discovering Samsung Galaxy S21 hackNews UK researcher Sam Thomas won the Pwn2Own bounty using a "unique three-bug chain"
-
Samsung to support enterprise devices with five years of Android updatesNews Samsung Galaxy S20, S21 and Note 20 series phones are among the devices set to benefit from extended support
-
Samsung laptops open to hackers after Windows Update disabledNews Security researchers warn of serious risks as Samsung overrides key security feature
-
Samsung to roll out security patch for keyboard vulnerabilityNews Bug exposing Galaxy smartphones to hackers will be squashed within coming days
-
Samsung denies Smart TV could eavesdrop on users' conversationsNews South Korean firm plays down reports of digital snooping, after privacy policy prompts alarm bells
-
Research team highlights Android NFC security holesNews Two zero day vulnerabilities let security boffins hack Samsung Galaxy S3 phone using NFC.
-
Dell confirms malware on motherboardsNews Dell has shipped a small number of replacement motherboards containing a piece of malware.
