Samsung’s “Wave” cell phone released with a microSD card is “infected with a malware called ‘Worm:Win32/Verst.A’. malware itself doesn’t run on phone, but does try to infect your computer. Verst.A spreads by taking advantage of autorun feature in Windows. If run, worm starts a thread that continuously tries to copy itself to all drives from A to Z. Fortunately Windows 7 prompt users before invoking autorun. Also, you can update your autoplay functionality on other Windows versions by following instructions,” reports MMPC team.
“It appears that this malicious software was distributed only to a limited number of customers and was isolated to a specific geographic region east of Spain and west of Poland.”
In addition to being a worm, Verst.A searches for “credentials and software registration details from a variety of apps including Miranda ICQ, WebMoney, QIP Infium, and Multi Password Recovery. We find it interesting that this threat searches for saved credentials from another password recovery tool.”
More Info: detailed analysis