All the AV alarms went off!
It seems that the memory card in the phone was infected with not one, but three pieces of malware.
The AV software uncovered a variant of the recently shut-down Mariposa botnet (this one being managed by a different bot-herder) which was launched via an autorun.inf file.
Confiker and a password-stealing package were also located on the memory card.
As yet, it has not been determined whether this was a refurbished unit (suggesting a probable one-off incident) or whether there is a batch of these memory cards in circulation.
Either way, it casts Vodafone Europe's quality assurance procedures in a rather poor light.
Around close-of-business time yesterday in Europe yesterday, Panda indicated they planned to obtain a random sample of similar phones to test whether the issue is widespread.