Watch out - that digital picture frame you got for Valentines Day pictures could hurt you!

Sunday, February 17 2008 @ 01:04 AM UTC

I've been following a number of stories of various digital devices arriving from the store with viruses on them - viruses that infect the computer you use to load/unload them.

The include everything including MP3 players, Disk backup systems, digital cameras and the new "digital picture frame" that shows a series of pictures you load from your computer.

The initial reports seemed sporadic, and SANS put many of them down to devices that had been returned to the store after initial purchase, where the initial purchaser's system had infected the device either inadvertently or purposely, and the store had simply put the device back on the shelf without checking it.

At least one device - a MP3 playing set of sunglasses - came to everyone with an extra gift of an infection courtesy of the manufacturer, however it is likely there have been more.

The most recent notice comes from the San Francisco Chronicle (www.sfgate.com) that identifies a new Trojan virus that collects passwords for online games. It is a "nasty worm that has a great deal of intelligence," says Brian Grayek of Computer Associates, a security vendor that analyzed the "Mocmex" virus as they call it.

It appears that these devices may be using a facility in USB that makes Windows think the device is a CD ROM/DVD drive. By default, Windows does NOT allow a USB flash drive to "auto run" but by making the device look like a CD ROM, the manufacturers open your computer up to shenanigans by the virus.

This points up the fact that all manner of computer people should ensure that their operating systems are set up to not automatically mount and execute CDs.

Turning off autorun is something that I think should be an easy option under any operating system - and to be frank, in this day and age it should be OFF by default in my opinion. But... it used to be easy (Windows 95/98/ME) but now requires editing the registry - not for the faint of heart.

The following two links provide not only the information on how to turn the autorun off, but also other information you might find valuable:

http://autorun.moonvalley.com/enable.htm - just turn on/off autorun

http://www.autorun.co.uk/autorun-problems.htm on/off and lots more

As always, if you don't want to do this yourself, you'll likely have a 12 year old handy - or even an 8 year old these days :) but if not, I'm available to talk you through it or find someone local to you to help.

Original San Francisco Article

richard

Comments (0)

Richard's Digital Rag Daily
http://blog.pacdat.net/article.php/20080216180456346