Feeds

TomTom includes Trojans with satnav device

Mickey included for no added fee

The Power of One eBook: Top reasons to choose HP BladeSystem

A small number of satellite navigation devices manufactured last year by TomTom were shipped containing malware, the company confirmed in a terse statement that raised more questions - and user ire - than answers.

An "isolated, small number" of TomTom's GO 910 models produced in September and November may be infected with a virus, TomTom warned, following a report over the weekend that one of the company's satnav devices packaged two separate Trojans at no charge. They included the win32.Perlovga.A and TR/Drop.Small.qp Trojans, which were stowed away within the copy.exe and host.exe files.

TomTom's advisory rates the malware as low-risk and says users should update their virus scanner's definitions and let it at the wayward satnav device.

According to the report, posted by tech journalist Davey Winder, the Trojans were included on the hard drive of 910 models running version 6.51 of TomTom's software. As of the writing of this article, security providers hadn't provided an independent assessment of the payload.

Sophos, however, reminded readers that TomTom's blunder was only the latest example of a vendor slipping its customers an electronic mickey. Other examples, according to Sophos, included Apple video iPods that shipped last year with the Troj/Bdoor-DIJ Trojan horse and a Japanese subsidiary of McDonald's that shipped MP3 players containing spyware.

TomTom has yet to issue an apology, explanation of how the malware managed to come factory installed or what steps the company is taking to ensure such nasties are not included in future releases.

"Customers that do not have virus scanning software are advised to install virus scanning software," TomTom said. Until then, please keep your eyes on the road and ignore the porn pop ups. ®

Designing a Defense for Mobile Applications

More from The Register

next story
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.