This sounds really, really bad. From the Seattle Post-Intelligencer:
An insidious computer virus recently discovered on digital photo frames has been identified as a powerful new Trojan Horse from China that collects passwords for online games -- and its designers might have larger targets in mind.
"It is a nasty worm that has a great deal of intelligence," said Brian Grayek, who heads product development at Computer Associates, a security vendor that analyzed the Trojan Horse.
The virus, which Computer Associates calls Mocmex, recognizes and blocks antivirus protection from more than 100 security vendors, as well as the security and firewall built into Microsoft Windows. It downloads files from remote locations and hides files, which it names randomly, on any PC it infects, making itself very difficult to remove. It spreads by hiding itself on photo frames and any other portable storage device that happens to be plugged into an infected PC.
The authors of the new Trojan Horse are well-funded professionals whose malware has "specific designs to capture something and not leave traces," Grayek said. "This would be a nuclear bomb" of malware.
By studying how the code is constructed and how it's propagated, Computer Associates has traced the Trojan to a specific group in China, Grayek said. He would not name the group.
The strength of the malware shows how skilled hackers have become and how serious they are about targeting digital devices, which provide a new frontier for stealing information from vast numbers of unwary PC owners. More than 2.26 million digital frames were sold in 2007, according to the Consumer Electronics Association, and it expects sales to grow to 3.26 million in 2008.
The new Trojan also has been spotted in Singapore and Russia and has 67,500 variants, according to Prevx, a security vendor headquartered in England.
Grayek said Mocmex might be a test for some bigger attack, because it's designed to capture any personal, private or financial information, yet so far it's only stealing passwords for online games.
"If I send you a package but it doesn't explode, why did I send it?" he said. "Maybe I want to see if I can get it out to you and how you open it."
Now, I know that pretty much any digital device can contain nasty software, but who would have thought you might be giving the mother of all computer viruses to your parents for Christmas?
It will be really interesting to see whether anything actually comes of this “Trojan Horse”. I can’t imagine that someone would go to these lengths with this amount of knowledge without really wanting to do something malicious. This seems like a plot out of a graphic novel or something: an evil Chinese group out to crash all the computers of the world simultaneously.
Welcome to the 21st Century.