Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2009-12-25 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Did any digital nasties show up under your tree this year?

Published: 2009-12-25
Last Updated: 2009-12-26 00:52:41 UTC
by Marcus Sachs (Version: 2)
2 comment(s)

As many of our readers may recall the past two years we had numerous reports of infected digital devices arriving as Christmas and holiday presents.  We believe that the global manufacturing process has improved based on consumer complaints, but there is always the possibility that something got through due to the complexity of the digital supply chain.  Let us know via our contact form if you, your family, or your friends received any malicious "value-added features" in electronic hardware either given or received as gifts.  We are especially interested in USB devices such as photo frames, GPS units, external hard drives, etc. since they seemed to be the items most vulnerable in the past.

Otherwise, have a safe and happy holiday season and best wishes to you and your families.

UPDATE 1

One person wrote us today to let us know that they had found an infected digital photo frame.  Here's what reader Vanessa said:

Installed install file on frame - was EXTREMELY quick at installing multiple files, links, and started to zip files and unzip processes ongoing. There were multiple suspicious processes with single letter names like c.exe or i.exe.   There were multiple links to porn sites put on the desktop as soon as the installation began.  This product was Smartparts digital picture frame optipix pro Item # SP800.

If any other readers have access to this particular photo frame please let us know if you have found any malware on it or if it is clean.

Marcus H. Sachs
Director, SANS Internet Storm Center

Keywords:
2 comment(s)
Diary Archives