Gaming mouse-maker Razer hit with infected firmware
Gamers trying to update their mouse or keyboard drivers from accessory maker Razer USA's Web site recently may have gotten more than they bargained for.
That's because the company's computers appear to have been hacked, and its support site used to spread malicious Trojan horse programs, according to Rik Ferguson, a researcher with Trend Micro. After hearing comments from concerned customers, Trend researchers took a look at Razer's drivers. They downloaded 8 infected drivers, and immediately contacted Razer. "They immediately took the site offline," he said in an instant message interview.
Customers who downloaded this software would get the drivers they requested, but they also got an obscure Trojan program called WORM.ASPXOR.AB. "The malware had very low detection rates, with only 7 out of 41 vendors offering generic detection," Ferguson said.
To make matters worse, gamers often turn off their antivirus protection to speed up their gameplay, so some victims may have never had a chance of catching the Trojan.
Based on the complaints, Ferguson believes that the malicious Trojans were probably available on Razer's Web site for just a few days.
Company spokesman Heathcliff Hatcher couldn't say exactly what had happened to cause the infected downloads. But he said that his company was working with Trend Micro to investigate the issue. The company's main Web site was still active Monday afternoon, but its support site had been taken offline. Visitors were greeted with the message, "Woops. We had to bring down Razer Support for the time being for a quick fix."
Based in Carlsbad, California, Razer makes cool-looking accessories such as mice and keyboards designed to give customers and edge when they play PC games.
The company is just the latest in a growing list of hardware makers who have been duped into infecting their own customers. Three years ago, Apple shipped a small number of video iPods infected with a virus. Apple blamed the issue on an infected Windows machine, used to test the devices before they were shipped. Hard drive maker Seagate and computer retailer Best Buy have also shipped infected products in the past few years.
Ferguson couldn't say whether Razer's Web site had been hacked or if the security breach had occurred on other company systems. "It's impossible to know," he said.
Razer customers who think they may have been infected can try Trend'sfree House Call service to see if they've been hit.
IDG News Service
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
Razer USA
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
