MP3 Players get Delivered with Unwelcome Infection

A MP3 players' shipment that Victory the Dutch firm sold in the past few months has been identified to contain Fujack worm. The worm manipulates the autorun configuration on Windows to become active as soon as a portable device is attached to the PC.

Senior Research Engineer Roel Schouwenberg for Kaspersky Lab wrote on a blog of the company that one computer user discovered the worm Worm.Win32.Fujack.aa on the Victory LT-200, a USB media player that Victory Nederland sold. CSOonline published this on January 7, 2008.

The event occurred after a wave of similar incidents in the recent months, where a number of different devices, all infected was offered for sale. The incident indicates that makers and suppliers of digital items need to maintain strict security protocols so that their goods and facilities are kept safe and clean.

Moreover, the incident serves to again alert users of the probable risks of autorun utilities that get active by default in Windows XP. The operating software works to allow automatic launch of devices and media but in the process could work as a convenient medium for malware to spread.

Phishers have at times used or rather abused the autorun function to attack specific companies by secretly leaving contaminated 'thumb drives' in parking zones of company cars hoping that someone will stumble on the drives and use them on his company system causing a security breach.

Viruses and worms on detachable storage devices could be particularly risky as software could be designed to run by default whenever the storage devices are inserted into a computer running Windows XP, Schouwenberg wrote. CSOonline reported this on January 7, 2008.

Roel Schouwenberg further wrote that the case clearly shows that users always need to be cautious while handling an unfamiliar external storage drive, whether it is for fresh use or for reuse.

According to security researchers, there have been cases in the past too of storage device infection during the process of manufacturing.

Last year in November, maker of computer hard drives, Seagate Technology, announced that its Maxtor drives had infectious program that captured online game passwords.

Related article: MoAB Disclose Two Bugs On Two Successive Days

» SPAMfighter News - 1/21/2008