Wednesday, September 15, 2010

Buffalo QA fail results in NTT Hikari Portable malware infestation

A massive quality assurance fail by Buffalo Inc resulted in a number of NTT's Hikari Portable 3G routers being shipped preinstalled with an unwanted feature, malware. Potentially infected products include the NTT-branded PWR-100D and PWR-100F, as well as the Buffalo-branded DWR-PG. If you own one of these products, you can check to see if your router is infected at either NTT's or Buffalo's sites by submitting your serial number.

Only unprotected versions of MS Windows, from 98 to 7, are at risk. Thus far, all detected malware are known to security product vendors, so a computer running security software with an up to date definitions file should not have been infected. Also, malware installation would only have occurred if the PC was directly connected to the router by USB.

How did this happen? I don't know whether to laugh or cry.

During the QA checks, a sample of finished products were pulled and checked for defects. Unfortunately, one of the machines used for these quality checks was infested with all sorts of bad stuff. This table from IT Media lists what has been found so far as reported by various security packages. NTT also has a list (PDF) of detected malware.

Names of malware reported by major security software
Software nameMalware nameDetected File
ウイルスセキュリティZERO
(ソースネクスト)
Autorun.inf
EmailWormExplorer.exe
Trojanimages.exe
ウイルスバスター
(トレンドマイクロ)
Mal_Otorun1Autorun.inf
WORM_VB.DVPExplorer.exe
WORM_AUTORUN.EIKimages.exe
Norton Antivirus
(symantec)
Autorun.inf
Infostealer.LineageExplorer.exe
Trojan Horseimages.exe
F-Secure
(F-Secure)
Trojan.Autorun.AEXAutorun.inf
Trojan.Agent.VB.HExplorer.exe
Gen Pack:BAckdoor.Generic.202141images.exe
McAfee
(McAfee)
W32/Conficker.worm!infAutorun.inf
Generic PWS.gExplorer.exe
W32/Autorun.worm.dq.genimages.exe

1 comment:

  1. Android 2.2 update coming October 8 for HTC Desire on Softbank.

    http://mb.softbank.jp/mb/product/X/x06ht2/feature_1.html

    ReplyDelete