Malware sold on two photo frame brands

December 30, 2008 | 14:25

Tags: #infection #malware #mercury #virus #worm

Companies: #samsung

If you've received one of those oh-so-popular digital photo frames this Christmas, you might want to give it a quick scan with an anti-virus package if you haven't already hooked it up.

According to Ars Technica, two digital photo frames from two separate companies have both been found to bundle copies of Windows-based malware for that extra holiday bonus.

The first frame, the Samsung SPF-85H 8-incher, is clean on its internal memory but includes a copy of the W32.Sality.AE worm in the Samsung Frame Manager 1.08 software on the bundled software CD-ROM. According to an e-mail sent from to its customers, the affected batch of frames was sold between October and December this year. Although the Sality worm can infect both XP and Vista, only XP users need to worry about this one – it's the installation of the XP-only driver software that triggers the malware.

As proof that misery likes company, purchasers of the 1.5” Digital Photo Keychain from Mercury – as sold across the US by retail giant Wal-Mart – have discovered a pair of suspicious files – DPFMate.exe and FEnCodeUnicode.dll - which appear to be infected with an as-yet unknown virus, as detected heuristically by on-line virus lab

This isn't the first time a digital photo frame has been fingered as patient zero for a virus epidemic: the combination of integral memory with a build-em-high, stack-em-cheap mentality means they are uniquely positioned to carry this kind of payload. Coupled with the fact that in order to display your photos on the device it must first be connected to your home PC, this makes them particularly nasty when they arrive with malware included.

Did any of our readers – or their families – get bitten by an infectious photo frame over the holiday period? Share your experiences over in the forums.
Discuss this in the forums
YouTube logo
MSI MPG Velox 100R Chassis Review

October 14 2021 | 15:04