Samsung Wave ships with malware-infected memory card

Samsung Wave
Take care if you’ve recently bought a Samsung S8500 Wave smartphone – it could have come pre-installed with malware on its memory card.

According to reports, the 1GB microSD card that ships with the sexy bada touch-screen smartphone carries an unwelcome surprise – a piece of malware that can automatically run if you plug the card into your Windows computer.

The tell-tale sign of infection is the existence of the aUtoRuN.iNF and slmsrv.exe files on the microSD card. If you haven’t configured your Windows computer to ignore the autorun command, then when you plug the card into your PC the malicious slmsrv.exe file will be executed.

Samsung Wave microSD card, containing Autorun malware

Sign up to our free newsletter.
Security news, advice, and tips.

Samsung has informed the media that “only the initial production run of Samsung S8500 Wave devices for the German market were shipped with infected 1GB microSD memory cards. Future shipments, and those sent to other markets, should be virus free.”

However, I’ve been unable so far to find any reference to the incident on Samsung’s German website – which does beg the question as to how potential victims in the country are supposed to be informed about the issue.

18 months ago I blogged about another security incident involving Samsung products, when it shipped digital photo frames complete with a copy of the Sality worm.

In the past, other consumer gadgets to have been infected by malware include TomTom satellite navigation devices and Apple Video iPods. In 2006, the Japanese subsidiary of McDonald’s recalled 10,000 MP3 players after discovering that they had been infected by a spyware Trojan horse.

The lesson is simple, folks – scan everything that you plug into your computer for malware, even if it has been freshly bought from a reputable vendor.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.