Sunday, February 17, 2008

Use Photo Frames?

If you use photo frames on your PC, pay attention.

An insidious computer virus recently discovered on digital photo frames has been identified as a powerful new Trojan Horse from China that collects passwords for online games - and its designers might have larger targets in mind.

"It is a nasty worm that has a great deal of intelligence," said Brian Grayek, who heads product development at Computer Associates, a security vendor that analyzed the Trojan Horse.

The virus, which Computer Associates calls Mocmex, recognizes and blocks antivirus protection from more than 100 security vendors, as well as the security and firewall built into Microsoft Windows. It downloads files from remote locations and hides files, which it names randomly, on any PC it infects, making itself very difficult to remove. It spreads by hiding itself on photo frames and any other portable storage device that happens to be plugged into an infected PC.

I'd seen a story about this stuff 10 days ago. Nasty.

The initial reports of infected frames came from people who had bought them over the holidays from Sam's Club and Best Buy. New reports involve frames sold at Target and Costco, according to SANS, a group of security researchers in Bethesda, Md., who began asking for accounts of infected devices on Christmas Day. So far the group has collected more than a dozen complaints from people across the country.

Few security vendors have developed preventives for this, so far.


Pete Fanning said...

According to the SANS alert back on the 6th, Best Buy's hit was limited to the Insignia 10.4 inch version (model# NS-DPF10A).

I would venture a guess that those customers who already have Autorun disabled are OK, but I would still contact Best Buy if you have that model or are concerned about any potential model from Sam's Club from Advanced Design Systems.

Billiam said...

But, but, why would China do something like this. They're our friend, after all, aren't they?