Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    After the persistent queries of IT journalist Davey Winder, the makers of satellite navigation device TomTom GO 910 have confirmed reports that two Trojans are embedded in items produced from September to November last year. This is reminiscent of the incident in Japan only in October last year, when the local McDonald’s gave away prize MP3 players that contained WORM_QQPASS.ADH, prompting the food chain to do a mass-recall and a public apology.

    Because TomTomis Linux-based, the Trojans, which are designed to run on Windows, do not directly affect them. However, the real problem for the user begins when he or she connects the device to Windows platforms via USB ports.

    Interestingly, the Trojans are pretty old. One of them, TROJ_PERLOVGA.A, has been detected by Trend Micro as early as June last year. The other Trojan is caught by the generic pattern TROJ_GENERIC. Users with updated antivirus products are thus protected from the threat.

    Users can derive two lessons from this incident. First, nowadays, even fresh-off-the-shelf products are not completely safe from threats, so precaution is key. Any storage device can be inhabited by threats, so users are advised to scan removable devices before use. Which brings us to the second lesson.

    This incident brings to light the importance of having antivirus products that provide timely updates. Even with safe computing practices, unexpected cases like this still bring threats. In fact, the makers of TomTomdid not do a recall, advising instead their customers to get rid of the Trojans by using antivirus products.

    It is not clear how the Trojans got into the products, but the company insisted that it was an isolated case. Customers without an antivirus product were advised to install one.

    Davey Winder’s complete documentation of the incident, as well as the full statement from the company, can be found here:

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice