Security Bullet In
Communiques from the security front, sir
Wednesday 30 January 2008, 5:39 PM
Digital photo frames infected
There's a very interesting thread on the SANS Handler's Diary about photo frames that have been infected with malware.
Apparently, US store Best Buy pulled thousands of photo frames manufactured by Insignia after it was discovered the frames were infected with a virus.
Insignia has put up an apology on its site, but doesn't seem to have provided many technical details.
SANS says that this is a possible new attack vector: infection through the supply chain.
A linked idea has been around for a while - as devices become 'smarter' and are hooked up to the internet, they also become a means to subvert computer systems. Your smart fridge could eventually be a conduit to your data...
PreviousComments on this post
It looks like this was it a simple PC virus lurking in the photo frame hardware and not a purpose written nasty. However there is a real threat here.
There was a rumour that during the first Gulf War a number of printers manufactured by a French company and ordered by the Iraqi military were purportedly modified by American Intelligence en route and sent on to their destination in Baghdad. The story goes that these printers then infected the host PC's they were connected to bringing the Iraqi Anti Aircraft defense system to its knees.
I don't know if that story is true, but it does demonstrate the concept. We already have criminals seeding infected flash drives for way too trusting professionals to then plug into their corporate networks and cause all sorts of trouble.
How long before the terrorists catch on and emulate what the Americans are reputed to have done?
