back to article Adware slips between pages of e-book

An adware package has turned up on the latest e-book devices from iRex, and will install itself automatically onto a connected PC if it gets the chance. The infection appears to be the imgInSOY worm, which copies itself between removable media and uses autorun.inf to infect any Windows system it comes across. In addition to …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    maybe

    maybe they should listen to their own advice and run anti-virus in their office so that workers can't infect machines by accident.

  2. dean mitchell
    Pirate

    Hmmm....

    Is it just me or is there an increasing number of these happenings.

  3. Anonymous Coward
    Anonymous Coward

    Another reason

    Why USB devices such as keys, Ipods etc shouldnt be allowed anywhere near the corporate network.

    This kind of thing could well be more of a problem than data theft that these devices are advertised as being capable of by the sofftware vendors.

    Disable USB in bios (password Protected) PS2 keyboards and Mice only

  4. jubtastic1
    Pirate

    Heh

    Factory worker accidentally infects device image master? totally plausible scenario.

  5. TeeCee Gold badge
    Happy

    You couldn't make this up.

    The Iliad has a Trojan Horse in it?

    If there were ever a definition of poetic justice, this has to be it.

  6. Graham Bartlett

    But but but but...

    ...it's Linux, how can it have malware on it?!

    </irony>

  7. Rob Beard
    Linux

    @ Graham

    The device is Linux powered, BUT it is detected as a mass storage device by Windows. It's not Linux itself that is infected by the trojan(chances are if someone hacked about with the device and installed Wine there is the possibility that it would at least attempt to run the trojan, but that wouldn't happen automatically, and there's no guarantee that Wine would run it anyway!).

    It's just the same as if someone had a trojan on USB pen drive, CD/DVD, iPod, the device themselves don't run the trojan (I haven't yet heard of an iPod running Windows), it's the Windows device with it's Autorun enabled that is running trojan.

    I find it shocking that it made it through quality control to be honest.

    Rob

  8. Dr. Vesselin Bontchev
    Boffin

    Autorun doesn't work from USB drives in Windows

    http://www.microsoft.com/whdc/device/storage/usbfaq.mspx

    Q: What must I do to trigger Autorun on my USB storage device?

    The Autorun capabilities are restricted to CD-ROM drives and fixed disk drives. If you need to make a USB storage device perform Autorun, the device must not be marked as a removable media device and the device must contain an Autorun.inf file and a startup application.

  9. KarlTh

    @Dr. Vesselin Bontchev

    But it's not hard to make it autorun:

    "The removable media device setting is a flag contained within the SCSI Inquiry Data response to the SCSI Inquiry command. Bit 7 of byte 1 (indexed from 0) is the Removable Media Bit (RMB). A RMB set to zero indicates that the device is not a removable media device. A RMB of one indicates that the device is a removable media device. Drivers obtain this information by using the StorageDeviceProperty request." (same link)

    I wouldn't be surprised if hardware manufacturers like to "help" people by enabling autorun in this way.

  10. Mike Flugennock
    Alert

    Proof-of-concept for Adobe?

    Didn't El Reg run a story a couple of months back about Adobe and Yahoo!(?) entering into a deal to _deliberately_ infect .pdf documents with adware?

    I know, these types will always _claim_ it's "accidental", but somehow it sounds like a proof-of-concept of some sort, to me.

  11. Anonymous Coward
    Anonymous Coward

    Re: Proof-of-concept for Adobe?

    Did you mean this, from November?

    http://www.theregister.co.uk/2007/11/29/yahoo_adobe_pdf_advert/

  12. Anonymous Coward
    Coat

    Stop horsing around

    Never trust a Philippino bearing gifts!

    Mine's the jacket next to the large shoe collection.

  13. Steve Roper
    Paris Hilton

    Accident my arse

    More likely that factory worker was slipped a few dollars by a VX gang: "Hey matey, if you just pop this file into the master disc for us we'll see your family gets fed for another week". Given the two cents an hour those workers probably earn, and the violence with which they are all too familiar, it would have been an "offer too good to refuse"...

    Paris because she knows the effectiveness of slipping third-world workers a few dollars...

This topic is closed for new posts.