TomTom Devices Found Infected With Trojans

A collection of a certain satellite navigational device that keep drivers on the right route and direction shipped malicious code, trying to install onto the Windows PC to which the device is fitted. On January 29, 2007, the Amsterdam-based company TomTom noted that some of its recent GO 910 devices were shipped with pre-installed Windows virus.

The company said it has found a small number of GO 910, introduced during the last quarter of 2006, infected by a Trojan. The Trojan horse is understood to be low-risk that does not make any impact on the navigational operation of the devices. It is possible to safely remove the virus by using virus-scanner. The company assured in a statement via its website that appropriate steps have been adopted to prevent it from occurring again.

The Linux-based sat-nav devices of TomTom carry malware that starts behaving maliciously when connected to a Windows PC via USB. The company confirms that the viruses in the device aren't harmful. However, it recommends GO 910 users should update their virus scanner and use it for removing the 'copy.exe' file, 'host.exe' file or any other infected variant.

The anti-virus software identified two viruses as Win32.Perlovga. A Trojan and TR/DROP.Small.qp on one user's PC soon after plugging the device into it.

A number of TomTom purchasers as far back as in September 2006 posted on the Internet asking for advice related to the viruses, according to Graham Cluley, senior technology consultant for Sophos via a company press release. Fortunately they were running an anti-virus protection that was able to isolate the infection before it could cause any destruction. The worrying part is about many innocent consumers who could be unaware that an infection might have passed onto their Windows PC.

The accidental distribution of malicious code by manufacturers on their hardware products had happened in the past too. In October 2006 Apple shipped a number of its Video iPods that contained the Windows virus, RavMonE.exe, assumed to have infected during product testing. Same month McDonalds of a Japanese branch recalled 10,000 MP3/players when it found spyware hidden in the device.

» SPAMfighter News - 2/1/2007