funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Gadgets as a malware infection vector.....

From: <rms () computerbytesman com>
Date: Thu, 31 Jan 2008 13:02:54 -0500
http://isc.incidents.org/diary.html?storyid=3892

Here is what we know so far:

*       Five digital photo frames from Advanced Design System were bought at
various Sam's Clubs containing malware.
*       Best Buy pulled from the shelves several thousand digital photo
frames from Insignia that contained malware.
*       Our readers reported more malware found on other devices such as 

*       a set of MP3 playing sunglasses (store where sold is not known)
*       a 250GB Maxtor External One Touch Backup from Radio Shack
*       a "Flip Video Camera" from a California Costco
*       a MemoryVue 1040 Plus digital photo frame from Digital Spectrum
Incorporated that was purchased at a Canadian Costco
*       an 8-inch Castleton digital photo frame from Uniek that was
purchased at a Target
*       a Maxtor One Touch 250GB external hard drive purchased at Fry's
Electronics

We do not think that these situations are related but they do paint a
picture of a new attack vector, the supply chain.  By the supply chain, we
mean this process:

Factory -> Shipping -> Distributer -> Shipping -> Warehouse -> Shipping ->
Retail Store -> Customer

Several readers have submitted ideas about how these devices got infected:

*       The user's computer was already infected but the user did not know
it
*       The device was infected by a customer then returned to the store
where it was repackaged and resold
*       A store employee infected the device as a prank
*       A customer infected the device as a prank
*       The retail store is not "clean" but checked returned electronics
items with an infected computer, thus spreading malware from one returned
product to another
*       The distributer or the warehouse infected the device
*       One or more of the shipping companies infected the device
*       It was infected at the factory

 


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: