“Beware of Greeks bearing gifts” is the old saying associated with the story of the Trojan horse — the same story that gives Trojan viruses their name. In 2008, a more appropriate saying would have been “beware of relatives bearing digital photo frames.”
The Insignia NS-DPF10A digital frame sold at Best Buy — as well as models sold at Costco, Sam’s Club, and Target — included a nasty “gift with purchase”: the Trojan virus Mocmex. Made in China, the frames picked up the virus during the manufacturing process, and they passed Mocmex to PCs when connected via USB cable.
Only machines running Windows were vulnerable. Mocmex was able to block more than 100 types of antivirus software, as well as bypass the Windows firewall. Although initially designed to steal computer gaming passwords, Mocmex had the capability to steal basically any piece of data.
Security experts adapt to Trojans
In addition to Mocmex, the frames also contained four other Trojans, including W32.Rajump, which shipped on some iPods in 2006. Security experts believed the other Trojans served as “markers” for botnets, and that the cumulative effect of the Trojans suggested more sinister plans than stealing gaming credentials.
Once discovered, retailers issued consumer advisories, suggesting frame owners connect the device to a PC to run antivirus software and eradicate the Trojan. At Best Buy, the Geek Squad assisted with the process.
The Mocmex incident wasn’t the only photo fame malware of 2008. A Samsung photo frame and a Mercury photo keychain sold during the 2008 Christmas season also carried a little something extra.
Photo: OndroM / Shutterstock