Another Vodafone HTC Magic phone infected with malware has surfaced in Spain one week after the first Mariposa botnet-infected HTC Magic surfaced, according to scans performed by digital security company Panda Labs.

Vodafone Spain did not reply to requests for comment by press time, but had earlier called the infected phone an “isolated incident.”

The reports of additional infections came after a Panda Labs employee scanned her new Android-based HTC Magic for malware and discovered not only the Mariposa virus but Confiker malware and a Lineage password stealing virus.

After reports of the malware-infected phone surfaced, an employee of Spain-based information technology security company S21Sec scanned his HTC Magic and discovered the same virus that had been loaded onto the other Vodafone handset.

The security firms are unclear on how the phones became infected with the viruses, but Panda Labs suspects flaws in the quality-assurance process on refurbished phones.

The security company says the virus is located in the device’s memory card, not the Android file system.

Both the devices were purchased directly from Vodafone.

Shortly after the first report of the infection came out, Vodafone said the HTC Magic was “coming towards the end of its life with us.” Vodafone said the device was being discontinued because it was one of its longest-running handsets.