[ISN] Gaming mouse-maker Razer hit with infected firmware

[InfoSec News <alerts@xxxxxxxxxxxxxxx>]

http://www.computerworld.com/s/article/9138360/Gaming_mouse_maker_Razer_hit_with_infected_firmware?taxonomyId=17

By Robert McMillan
September 21, 2009
IDG News Service

Gamers trying to update their mouse or keyboard drivers from accessory 
maker Razer USA's Web site recently may have gotten more than they 
bargained for.

That's because the company's computers appear to have been hacked, and 
its support site used to spread malicious Trojan horse programs, 
according to Rik Ferguson, a researcher with Trend Micro. After hearing 
comments from concerned customers, Trend researchers took a look at 
Razer's drivers. They downloaded 8 infected drivers, and immediately 
contacted Razer. "They immediately took the site offline," he said in an 
instant message interview.

Customers who downloaded this software would get the drivers they 
requested, but they also got an obscure Trojan program called 
WORM.ASPXOR.AB. "The malware had very low detection rates, with only 7 
out of 41 vendors offering generic detection," Ferguson said.

To make matters worse, gamers often turn off their antivirus protection 
to speed up their gameplay, so some victims may have never had a chance 
of catching the Trojan.

[...]


________________________________________ 
Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 
http://www.infosecnews.org