Gaming mouse-maker Razer hit with infected firmware
Gamers trying to update their mouse or keyboard drivers from accessory maker Razer USA's Web site recently may have gotten more than they bargained for.
That's because the company's computers appear to have been hacked, and its support site used to spread malicious Trojan horse programs, according to Rik Ferguson, a researcher with Trend Micro. After hearing comments from concerned customers, Trend researchers took a look at Razer's drivers. They downloaded 8 infected drivers, and immediately contacted Razer. "They immediately took the site offline," he said in an instant message interview.
Customers who downloaded this software would get the drivers they requested, but they also got an obscure Trojan program called WORM.ASPXOR.AB. "The malware had very low detection rates, with only 7 out of 41 vendors offering generic detection," Ferguson said.
To make matters worse, gamers often turn off their antivirus protection to speed up their gameplay, so some victims may have never had a chance of catching the Trojan.
Based on the complaints, Ferguson believes that the malicious Trojans were probably available on Razer's Web site for just a few days.
Company spokesman Heathcliff Hatcher couldn't say exactly what had happened to cause the infected downloads. But he said that his company was working with Trend Micro to investigate the issue. The company's main Web site was still active Monday afternoon, but its support site had been taken offline. Visitors were greeted with the message, "Woops. We had to bring down Razer Support for the time being for a quick fix."
Based in Carlsbad, California, Razer makes cool-looking accessories such as mice and keyboards designed to give customers and edge when they play PC games.
The company is just the latest in a growing list of hardware makers who have been duped into infecting their own customers. Three years ago, Apple shipped a small number of video iPods infected with a virus. Apple blamed the issue on an infected Windows machine, used to test the devices before they were shipped. Hard drive maker Seagate and computer retailer Best Buy have also shipped infected products in the past few years.
Ferguson couldn't say whether Razer's Web site had been hacked or if the security breach had occurred on other company systems. "It's impossible to know," he said.
Razer customers who think they may have been infected can try Trend'sfree House Call service to see if they've been hit.
IDG News Service
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
Razer USA
Powered by TwitterOn Twitter now
Razer USA
Brian Proffitt
Microsoft/Novell: Breaking Down the Coupon Numbers
Esther Schindler
Drupal's Dries Buytaert on Building the Next Drupal
Tom Henderson
Top Ten General Operating Systems Rants
pasmith
PS3 motion controller delayed; goes up against Project Natal
sjvn
Neolithic Windows security hole alive and well in Windows 7
claird
Perl source code comparison makes for good reading
mikelgan
Cell phones don't create stress or interrupt much
Sandra Henry-Stocker
How to: The Unix Interview
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
- Ubuntu advances: Why Ubuntu server installations will surge in 2010
- Social media marketing: How to make friends with benefits
- More...
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
