Peripheral manufacturer Razer was left with egg on its face this week by the revelation that it had been unwittingly distributing malware with its driver updates.
The Trojan - troj.dropper.jiz
, which downloads and installs a copy of worm.aspxor.ab
- was spotted on Razer's product support website by anti-virus vendor Trend Micro
- and reported by DownloadSquad
- earlier this week.
Trend Micro's analysis of the website has shown that at least eight separate driver packages offered by Razer's support site came with the unwanted bonus, and the company claims that only "7 out of 41 [anti-virus] vendors offered generic detection
" of this particular worm - meaning it's potentially difficult for an end-user to know that they've been infected.
The worm, which spreads by opening a random TCP port on the infected system and connecting to external SMTP servers in order to send spam with itself as an attachment, isn't a particularly nice thing to have installed on your system: accordingly, Razer are advising users to make use of free anti-virus scanners available online from Trend Micro
Razer has temporarily taken its support site offline while it investigates the issue and checks to make sure it has caught all instances of the Trojan before making driver downloads available once more.
This isn't the first time a trusted brand has been subverted to spread malware, of course: sites as big as The New York Times
have been used to peddle Trojans in the past, and even computers which aren't connected to the Internet aren't necesarilly safe with peripherals
and even the computers themselves
coming pre-loaded with viruses. The lesson is: if you use Windows, install an anti-virus package.
Any Razer users worried that they might have opened their system up to abuse by updating their mouse drivers, or is the issue unlikely to have spread very far before being noticed? Share your thoughts over in the forums