Car GPS Device Includes Malware, Infects PCs - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News
News
1/29/2007
07:38 PM
50%
50%

Car GPS Device Includes Malware, Infects PCs

The vendor rates the risk as "low," but security companies take issue with the defect.

Some TomTom satellite navigational devices used to keep drivers on the right road shipped with malicious code that tries to install onto any Windows PC the gizmo is connected to, the Amsterdam-based company confirmed Monday.

A "small, isolated number of TomTom GO 910's" manufactured during the fourth quarter of 2006 "may be infected by a virus," TomTom said in a statement. Althouth the TomTom GO 910 runs Linux and so is not affected by the malware, when the hardware is connected to a PC to back up its data, the virus tries to infect the computer.

TomTom pooh-poohed the risk, calling it "low" and telling users to update their PC's antivirus scanning software or, if they don't have the defense installed, to add it. "The Internet offers many free online virus scanners like Symantec and Kaspersky that will remove the virus safely from the TomTom GO 910 as soon as it is detected," the company said.

Security vendors didn't take such a laissez-faire attitude. Moscow-based Kaspersky Lab, for instance, disputed TomTom's claim that the malware risk was low.

Of the two pieces of malicious code added to the TomTom, one -- a Trojan dropper dubbed "Small.apl" -- not only installs the second, the relatively harmless "Perlovga.a" virus, but also adds a back door to the compromised PC. The back door could be used by an intruder to install other, more malicious, software on the PC.

"Even though it is a back door with limited functionality, [its] very presence changes the situation," said Roel Schouwenberg, a senior research engineer with Kaspersky, in an e-mail Monday.

Schouwenberg wasn't the only security researcher to take exception with TomTom's risk assessment.

"There are a number of postings on the Internet from TomTom purchasers asking for advice about the viruses, going back as far as September 2006," said Graham Cluley, a Sophos senior technology consultant, in another statement. "But they are the lucky ones who were running an antivirus product and caught the infection before it could cause too much harm. What's more worrying is how many innocent consumers may be out there who don't know they might have passed an infection onto their Windows PCs."

The incident follows a notable pair in 2006 when device makers passed malware along to users. In October, Apple admitted that some of its Video iPods were infected with a Windows worm, while only days earlier the Japanese subsidiary of fast food company McDonald's recalled more than 10,000 Trojan horse-infected MP3 players that had been given as contest prizes.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
2020 State of DevOps Report
2020 State of DevOps Report
Download this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
News
Think Like a Chief Innovation Officer and Get Work Done
Joao-Pierre S. Ruth, Senior Writer,  10/13/2020
Slideshows
10 Trends Accelerating Edge Computing
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/8/2020
News
Northwestern Mutual CIO: Riding Out the Pandemic
Jessica Davis, Senior Editor, Enterprise Apps,  10/7/2020
Register for InformationWeek Newsletters
Video
Current Issue
[Special Report] Edge Computing: An IT Platform for the New Enterprise
Edge computing is poised to make a major splash within the next generation of corporate IT architectures. Here's what you need to know!
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll