Japan IT press is reporting that digital photo frames shipped for Christmas are infected this year too. Does this ring a bell? Dejavu? Well, because it happened last year too; as chronicled at SANS, here, and here. Now, if you click on any one of the three previous links, please pay attention to the date – exactly one year ago. Not many security news items break in Japanese before the English publications, but here is the report paraphrased.
The original report comes from the SANS Internet Storm Center that states digital photo frames made by Smartparts introduces various questionable malware files when the installation files for the product are opened. Such files include “c.exe” and “i.exe” that initiate questionable processes named the same on the infected machines, which connect to pornography web sites.
SANS states that this is not confirmed to be malware, and states that supply chain tracking for such digital products is difficult, therefore, end-users should take caution when installing such USB connected devices on systems.