Slashdot Mirror

← Back to Stories (view on slashdot.org)

Walmart Photo Keychain Comes Preloaded With Malware

Posted by timothy on from the caveat-maxima-emptor dept.

Blowit writes "With the Christmas holidays just past and opening up your electronic presents may get you all excited, but not for a selected lot of people who got the Mercury 1.5" Digital Photo Frame from Walmart (or other stores). My father-in-law attached the device to his computer and his Trend Micro Anti-virus screamed that a virus is on the device. I scanned the one I have and AVAST did not find any virus ... So I went to Virscan.org to see which vendors found what, and the results are here and here." Update: 12/29 05:44 GMT by T : The joy is even more widespread; MojoKid points out that some larger digital photo frames have been delivered similarly infected this year, specifically Samsung's SPF-85H 8-inch digital photo frame, sold through Amazon among other vendors, which arrived with "W32.Sality.AE worm on the installation disc for Samsung Frame Manager XP Version 1.08, which is needed for using the SPF-85H as a USB monitor." Though Amazon was honest enough to issue an alert, that alert offers no reason to think that only Amazon's stock was affected.

5 of 224 comments (clear)

  1. that's why USB autoplay is a bad idea by lysergic.acid · · Score: 4, Interesting

    this time it seems like it was the vendor's screwup, which is very rare, but it's very easy for someone to have a clean USB stick, then plug it into an infected PC and unknowingly get a trojan written to the USB stick.

    i recently had close call myself when i took my PSP to work and plugged it into a workstation (i had some utilities and e-books saved on the memory stick). when i got home and plugged the PSP into my desktop, i noticed the PSP memory stick was displayed with an odd icon in My Computer. so i looked at the root directory and found a suspicious .exe file that i hadn't placed there, which was also referenced by a new autorun.inf file.

    with thumbdrives, external hard drives, portable media players, and other flash memory devices becoming increasingly common, i expect more and more malware writers will exploit them as an infection vector, especially as autoplay is usually enabled by default on Windows systems. the only reason i had autoplay disabled was because i found it annoying, and that's the only reason i lucked out.

    1. Re:that's why USB autoplay is a bad idea by Beardo+the+Bearded · · Score: 3, Interesting

      Funnily enough, there's a rumour going around that USB sticks were used to hack into the Pentagon:

      http://catless.ncl.ac.uk/Risks/25.47.html#subj5

      From the link:
      If true, it was a simple but brilliantly effective method. Someone infected thumb drives with the WORM then dropped them around the Pentagon parking lot. The employees, picked them up, took them into their offices and plugged them into their office computers to determine the owner of the drive.

      --

      ---
      ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
  2. Re:Packer by ianare · · Score: 3, Interesting

    I've had cases where executables created with py2exe were triggering virus scanners. A few users reported this to the virus scanning companies, and the problem went away the next time the virus databases were updated.

  3. Why are you so shocked? by OrangeTide · · Score: 4, Interesting

    You think they buy virus scanner software in a Chinese factory? No, these guys cut every corner they can to meet those razor thin profit margins.

    --
    “Common sense is not so common.” — Voltaire
  4. Re:Packer by Opportunist · · Score: 3, Interesting

    Interesting. What packer would that be?

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.