Malware sold on two photo frame brands

Malware sold on two photo frame brands

The Samsung SPF-85H - pictured - and the Mercury 1.5" Digital Photo Keychain have both been sold with malware included.

If you've received one of those oh-so-popular digital photo frames this Christmas, you might want to give it a quick scan with an anti-virus package if you haven't already hooked it up.

According to Ars Technica, two digital photo frames from two separate companies have both been found to bundle copies of Windows-based malware for that extra holiday bonus.

The first frame, the Samsung SPF-85H 8-incher, is clean on its internal memory but includes a copy of the W32.Sality.AE worm in the Samsung Frame Manager 1.08 software on the bundled software CD-ROM. According to an e-mail sent from to its customers, the affected batch of frames was sold between October and December this year. Although the Sality worm can infect both XP and Vista, only XP users need to worry about this one – it's the installation of the XP-only driver software that triggers the malware.

As proof that misery likes company, purchasers of the 1.5” Digital Photo Keychain from Mercury – as sold across the US by retail giant Wal-Mart – have discovered a pair of suspicious files – DPFMate.exe and FEnCodeUnicode.dll - which appear to be infected with an as-yet unknown virus, as detected heuristically by on-line virus lab

This isn't the first time a digital photo frame has been fingered as patient zero for a virus epidemic: the combination of integral memory with a build-em-high, stack-em-cheap mentality means they are uniquely positioned to carry this kind of payload. Coupled with the fact that in order to display your photos on the device it must first be connected to your home PC, this makes them particularly nasty when they arrive with malware included.

Did any of our readers – or their families – get bitten by an infectious photo frame over the holiday period? Share your experiences over in the forums.


Discuss in the forums Reply
thehippoz 30th December 2008, 15:38 Quote
that's perfect.. the people who buy those types of frames are the perfect botnet types too :o
UrbanMarine 30th December 2008, 16:27 Quote
Didn't this happen before with another company over a year ago?
The Jambo 30th December 2008, 16:55 Quote
Yep, 2 or 3 more last year.

My question is how they get in there!? Surely they go through some sort of checking the files on the disc before releasing?
bilbothebaggins 30th December 2008, 17:07 Quote
Originally Posted by The Jambo
My question is how they get in there!? Surely they go through some sort of checking the files on the disc before releasing?
Probably the CD gets outsourced to X and those outsource the installer package for driver Y to company Z. Plenty of hands that stuff goes through. Plus, I doubt that they check the CD for anything if it 'works'.
UrbanMarine 30th December 2008, 19:29 Quote
The one i knew about involved a pissed off employee that put the virus on the picture frame itself not the CD included. He ran the machine that pre-programmed the frames and loaded the virus that way.
LordPyrinc 2nd January 2009, 23:47 Quote
Those digital picture frames are just a novelty in my opinion. Not worth the money.
Log in

You are not logged in, please login with your forum account below. If you don't already have an account please register to start contributing.

Discuss in the forums