December 27, 2008

New electronic Christmas gifts may have a special 'present'

As I celebrate this holiday season with my family and friends I'm finding myself busier than ever with security work - and it's not dealing with any infected PCs of my family and friends. You see, this year we have received more electronic devices that can plug into a computer than ever.

What's the big deal you ask? Concerns about malware-infected devices and their software.

Malware-infected devices isn't a new issue: we've had reports of new devices being infected with malware for the past couple years. This year is no different: I know first hand of several such instances where MP3 players or digital video frames come out of the box with this additional 'special gift' that when plugged into a computer drops malicious code onto it used to join botnets, steal Internet website account credentials, or who knows what. Oh, and it's not just the devices themselves, the software that comes with the hardware has had issues. Stories: Best Buy sold infected digital picture frames (Jan 2008) and here, Vuescape frames have infected software (Aug 2008), Samsung ships infected picture frame software CD (Dec 2008).

So while the percentage of these infected devices is still very low I'm still taking the precaution and plugging these things into my security test lab of 'victim' machines and will monitor what they do. Even if you don't have a lab like mine you can still exercise caution when hooking these up to your system. You can run system monitoring tools such as Process Monitor or Process Explorer from the brilliant folks in the Microsoft SysInternals team or a packet sniffer like Wireshark. You might also run something that monitors network connections, such as Windows built in utility NETSTAT (sorry, I don't know a Mac equivalent), while you plug the device in or install the software to see whether your machine visits a site on the Internet during the install and usage of the device and it's bundled software.

I'm raising an eggnog toast to all of us receiving electronic gifts without the special additional 'gift'. Hope your holiday is a malware-free one.


Securi-d said...

Greg, You forgot about my watch :)


Matt Neely said...

This Christmas I got digital picture frames for a bunch of folks in my family. But none of them had any malware cheer for me to play with. :-(