NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > InfoSec News> 2009-q1

[ISN] Popular photo frames carry risk of infection

From: InfoSec News (alertsinfosecnews.org)
Date: Mon Jan 05 2009 - 02:00:20 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2009/01/01/BUV9150IH8.DTL

By Deborah Gage
Chronicle Staff Writer
January 2, 2009

Digital photo frames were one of the best-selling consumer electronics
products this holiday season, but some of them carried a nasty surprise
- malicious software code that tried to hop onto personal computers when
the frames were plugged in.

These popular devices are now so powerful that they've become computers
in themselves, although people who buy them don't always realize that.
And like computers, the frames are capable of carrying code that logs
keystrokes, steals data and calls out to other malicious code once it's
installed itself on a PC.

"Users don't realize that bad guys can make use of each and every
computer they can control, even if you don't do Internet banking or have
any sensitive information," said Karel Obluk, the chief technology
officer of AVG, a security vendor with offices in the United States and
Europe. "They can profit by spam or other illegal activities and make
(your) PC part of an illegal network. It's something that users should
always be reminded of."

No one knows how many infected digital photo frames are out there. But
the Consumer Electronics Association estimated that 7.4 million such
frames were sold in 2008 - up 41 percent from 2007 - and projected that
sales would jump again this year by 33 percent to more than 9.8 million
frames.

Among the frames reported to be infected this holiday season were a
Samsung 8-inch frame sold by Amazon.com, an Element 9-inch frame sold by
Circuit City and a Mercury 1.5-inch frame sold by Wal-Mart.

Amazon.com has e-mailed warnings to its customers about the Samsung
frame, but a Circuit City spokesman said the retailer wasn't aware of
any infections. After being contacted by The Chronicle, a Wal-Mart
spokeswoman said the company would remove the Mercury frames from its
Web site.

In 2007, Sam's Club - owned by Wal-Mart - also sold infected frames over
the holidays, according to customers who bought them, as did Best Buy,
Target and Costco.

American consumers shopped hard for bargains this year, and digital
photo frames have been good deals. Wholesale prices continue to drop -
Wal-Mart has been selling the Mercury frame, which comes embedded in a
key chain, for $24.

But the infected frames also show how risky it is to live with a global
supply chain where the cost of buying products at the lowest price means
those products can vary widely in quality.

[...]

_______________________________________________
Please help InfoSecNews.org with a donation!
http://www.infosecnews.org/donate.html

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]