Slashdot Mirror

← Back to Stories (view on slashdot.org)

Digital Picture Frames Infected by Trojan Viruses

Posted by Zonk on from the watch-where-you're-buying-things-from dept.

CR0WTR0B0T writes "The San Francisco Chronicle is running a story on viruses loaded into digital picture frames, similar to the ones we discussed at the end of last year. The difference is in the virus used: 'The authors of the new Trojan Horse are well-funded professionals whose malware has 'specific designs to capture something and not leave traces ... This would be a nuclear bomb of malware.' Apparently, a number of regular folks have hooked them up to their home computer and loaded the virus. And if you think you're too smart to be fooled, apparently the Anti-Virus software makers have not caught up to the threat quite yet."

11 of 174 comments (clear)

  1. MOD PARENT DOWN: Shock site by CRCulver · · Score: 4, Informative

    The parent post links to GNAA's admirable "Last Measure" shock site.

  2. Well... by ledow · · Score: 4, Insightful

    - Run an OS that does not automatically try to mount devices, without user interaction.
    - Run an OS that does not execute programs on devices once mounted, without user interaction but preferably not at all. (Autorun, I'm looking at you)

    Although what doesn't seem to mentioned specifically is if the viruses are contained on the memory of the frames themselves (i.e. just like any other removeable drive) or whether they are on some sort of driver/bundle CD. It does seem to hint that it means the device itself, which begs the question how is it getting executed? Is there a setup.exe that autoruns like on certain brands of USB drive (DUMB IDEA OF THE CENTURY)? Are there infected data files like JPEG's that just so happen to allow execution of their code on certain OS's? Is there an actual executable that isn't supposed to be on there at all that autoruns or waits for the user to double-click it?

    Either way, it's hardly a brilliant way to spread and only a dozen or so people seem to have been affected out of whichever country it's talking about (presumably the US). That sounds more like they had the virus already and it made its way onto their digital photo frames when they first connected them. Yes, it's a worry that malicious code could make its way onto a consumer device at the factory, but more at fault here are the OS and the user practices - we had all this back in the 80's/90's... don't take floppies off people you don't trust without scanning them first. Have we seriously come full-circle to the same dumb, preventable "problem"?

    1. Re:Well... by Anonymous Coward · · Score: 5, Insightful

      - Run an OS that does not automatically try to mount devices, without user interaction.

      And this would help HOW? Maybe it'd allow certain wiseguys to point at and blame the user for mounting the volumne in question - but ordinary users who just want to put pictures on their frame would *have* to mount it it, and it doesn't matter whether you have to click or whether it happens automatically. In fact, given that you'll likely only ever plug in the frame when you actually do want to access it, automounting seems like a good idea that does save you work in this case.

      Automatically running code without the user asking for it is another issue, of course - that is a colossally stupid idea indeed, yes.

    2. Re:Well... by Anonymous Coward · · Score: 5, Informative

      The picture itself in not a virus, rather it becomes one when the malformed image causes some type of overflow /exploit to the program that renders that picture
      , so not having something run auomatioally doesn't really matter, when you do open the picture it Runs by exploiting a flaw in the program that renders it. whether it starts automatically or not is of less relevance.

      This fact isn't being made very clear in this forum or the document.
        Pictures are not viruses they ar caused to become one on very specific software that render them .
      EX: The same image when viewed or if even viewable on different rendering software will have no effect .

    3. Re:Well... by CR0WTR0B0T · · Score: 4, Insightful

      The article is saying that these were found to be infected at the point of purchase. These picture frames are designed to be user friendly and will hook up via USB cable and scan your PC for your digital media. They have software loaded on them to play pictures, AVI, and for some odd reason MP3s. The real issue here is the Ma and Pa who bought their new PC at BestBuy to look at pictures of their grandkids and surf the web are at risk. Even the PC already loaded with anti-virus software isn't protected. As soon as they hook up the frame to start downloading the pictures, the virus is activated. Good thing is this round steals someone's online gaming passwords (WOW?), which likely won't affect many since hardcore gamers aren't likely to use digital picture frames. Next round could be mining for TurboTax information or passwords to play Global Thermonuclear War with WOPR.

      --
      "Nothing to see here. Move along."
    4. Re:Well... by CR0WTR0B0T · · Score: 4, Funny

      Yes. I wondered why my chair was so lumpy.

      --
      "Nothing to see here. Move along."
  3. Put the pieces together by DNS-and-BIND · · Score: 5, Insightful
    1. The authors of the new Trojan Horse are well-funded professionals whose malware has "specific designs to capture something and not leave traces,"

    2. Computer Associates has traced the Trojan to a specific group in China

    3. It spreads by USB drives

    4. "It is a nasty worm that has a great deal of intelligence,"

    Follow the money. My money's on an espionage tool from the Chinese government or its affiliated corporations. Let the flaming begin...I said "China" and "espionage" in the same sentence, I'm sure folks out there would like to lynch me just for even suggesting that there is such a laughable concept as espionage, or bash me for so-called China-bashing (which includes any criticism of China except those for human rights, that's OK).

    --
    Shutting down free speech with violence isn't fighting fascism. It IS fascism!
  4. Be Safe: Roll Your Own DPF by wehe · · Score: 5, Informative

    Do you want to be on the safe side and have some fun, too? Just make your custom DPF and install Linux on it. Here are some DIY instructions to make a digital picture frame from an old laptop or notebook. And here is a survey of Linux used on selfmade digital photo frames

  5. ALERT: People at SANS, incoming CHAIRS! by SmallFurryCreature · · Score: 4, Insightful

    Deborah Hale at SANS suggested that PC users find friends with Macintosh or Linux machines and have them check for malware before plugging any device into a PC.

    Oh boy, you gotta love that bit. Amusing as the suggestion that Mac's and Linux "machines" are not PC's may be, do you realize just how damning of MS software this is? SANS, a security organisations basically says that if you don't trust a piece of hardware, then it is okay to plug it into a mac or linux machine, to test wether it is safe to plug it into a windows pc.

    Is this like those warnings on tv, kids do not try this, if you want to do this experiment, get an adult to help you. Kids do not use windows blindly, if you do wish to add a new device, get someone with a real OS to help you out.

    Oh well, to all the windows using women out there, remember, the standard rate for getting a guy to help you out is ONE blowjob. Please form an orderly cue.

    --

    MMO Quests are like orgasms:

    You may solo them, I prefer them in a group.

  6. Three R's again!!! by MrKaos · · Score: 4, Funny
    Well four now, since Vista was released,,

    If you're attacked and your PC fails, you'll have to reformat and reload all of the programs.
    and it triggers two of the 4 r's of Microsoft

    reboot the machine

    reload the applications *

    reformat/reinstall the OS *

    revert to the previous version

    but it must be fun cause we do it over and over and over and over and over and over and over and over and over.

    --
    My ism, it's full of beliefs.
  7. Fire the metaphor writer by brusk · · Score: 4, Funny

    'specific designs to capture something and not leave traces ... This would be a nuclear bomb of malware.'

    Say what? Whenever I want to sneak in somewhere and get away all quiet-and-subtle-like, my first thoughts are of atomic weaponry. Want to steal sensitive documents? Just detonate a small thermonuclear device and no one will even realize you were there, and you'll leave no traces (unless you count a loud bang, bright light, mushroom cloud, charred corpses, fallout and a spike in cancer rates and radiation levels).

    Ninjas. Men in Black-style mindwiping. Cat burglar. Evil hypnotist. Lots of available analogies. Nuclear bomb ain't one of them.

    --
    .sig withheld by request