After the persistent queries of IT journalist Davey Winder, the makers of satellite navigation device TomTom GO 910 have confirmed reports that two Trojans are embedded in items produced from September to November last year. This is reminiscent of the incident in Japan only in October last year, when the local McDonald’s gave away prize MP3 players that contained WORM_QQPASS.ADH, prompting the food chain to do a mass-recall and a public apology.
Because TomTomis Linux-based, the Trojans, which are designed to run on Windows, do not directly affect them. However, the real problem for the user begins when he or she connects the device to Windows platforms via USB ports.
Interestingly, the Trojans are pretty old. One of them, TROJ_PERLOVGA.A, has been detected by Trend Micro as early as June last year. The other Trojan is caught by the generic pattern TROJ_GENERIC. Users with updated antivirus products are thus protected from the threat.
Users can derive two lessons from this incident. First, nowadays, even fresh-off-the-shelf products are not completely safe from threats, so precaution is key. Any storage device can be inhabited by threats, so users are advised to scan removable devices before use. Which brings us to the second lesson.
This incident brings to light the importance of having antivirus products that provide timely updates. Even with safe computing practices, unexpected cases like this still bring threats. In fact, the makers of TomTomdid not do a recall, advising instead their customers to get rid of the Trojans by using antivirus products.
It is not clear how the Trojans got into the products, but the company insisted that it was an isolated case. Customers without an antivirus product were advised to install one.
Davey Winder’s complete documentation of the incident, as well as the full statement from the company, can be found here: http://www.daniweb.com/blogs/entry1276.html.