Feeds

Hardware biz issued trojan-laced drivers, says researcher

Razer burn

Internet Security Threat Report 2014

A maker of hardware for computer gamers has taken its support site offline following a report that it was surreptitiously distributing malware on its downloads section.

Carlsbad, California-based Razer took the precautionary move after Rik Ferguson, a senior security adviser in Europe with anti-virus firm Trend Micro, warned users could be at risk.

"A large amount of the device drivers offered for download at the Razer support site were infected with a Trojan," Ferguson wrote Monday. "It is unclear how long the problem has been ongoing, so in the meantime, if you downloaded anything from Razer recently, head over to HouseCall and run a full system scan and clean up if necessary."

Razer spokesman Heathcliff Hatcher said company officials weren't immediately able to confirm Ferguson's report, but decided to temporarily close the support site out of an abundance of caution.

"We're still investigating," he told The Register. "We've taken the support site down as a precaution to our customers. We are definitely giving it its due weight. It's a very serious concern for the company, and that's why we've gone ahead and taken the support site down."

According to Ferguson, the trojan was activated when users clicked on a link used to download drivers from the website. A recent analysis by VirusTotal shows the malware is detected by just seven of the 41 major AV products. The trojan then caused users to download a file named usbctl.exe, which installed another piece of malware known as WORM.ASPXOR.AB in a computer's system directory.

Ferguson said he was still awaiting a more thorough analysis from Trend Micro labs about exactly what the malware does. He said that based on a quick search of gaming forums, it appeared the attacks began in the past 24 to 36 hours. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.