Digital Device Malware
It's clear that any data exchange device that plugs into your computer can be an entry point for malware but now we have a strange example of just how far this principal extends. The Register is reporting of a problem with digital photo frames that were apparently infected somewhere in the supply chain.
In the latest incidents, three photo frames made by Tuscaloosa, Ala.-based Advanced Design Systems, and bought from different Sam's Club stores, each contained a Trojan horse, according to reports to the SANS Internet Storm Center. The malicious code appears to act like a rootkit, hiding itself and disabling access to antivirus resources.
So much for that Christmas gift.
The article goes on to describe how the malware functions:
"It propagates to any connected device by copying a script, a com file and an autorun file," one consumer reported to the ISC. "It hides all systems files and itself while completely eliminating the user admin ability to show hidden files. It creates processes that negate any attempt to go to anti virus and anti spam web sites. It prevents the remote installation of any antivirus components."
It is best to assume that anything that plugs into your computer is a potential malware vector - even if it is brand new, just out of the box. I haven't seen any data on how prevalent this problem is , we just have anecdotal evidence. I'm assuming it isn't a significant portion of the overall malware threat but it is just interesting to note that if there is a theoretical method to spread malware, somone is probably exploiting it.
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine
