Best (not to) Buy infected picture frames

We had a couple of queries about the interesting story published yesterday by MSNBC.

It seems that many people, while purchasing digital picture frames as Christmas presents for their friends and family, received more than they were hoping for. The stock of electronic retailer Best Buy allegedly contained a significant number of Insignia’s digital photo frames (model number NS-DPF10A) infected by a virus. The virus attempted to infect users’ computers when the frame was connected to the computer to transfer digital photographs.

insignia

Insignia has confirmed that some of the frames did indeed contain a virus. At the moment, it is not known to us which virus infected the frames, but we will try to get a sample and make sure we detect it. Since not all frames contain the virus, we will not be able to simply buy a frame, as was the case with some previous malware (for example, Sony’s DRM rootkit).

Most digital photo frames have a USB interface which allow them to appear as removable drives in Windows and to store data, similar to any other USB removable media. In the past we have been writing about viruses affecting USB media and this digital photo frame infection is not much different.

We can ask ourselves how has the virus infected the frames in the first place, but the answer will be just a guess. Today, most of these electronic devices are manufactured in China for bigger vendors and quality control may not always be sufficient. From the report, it seems that this was an older virus already detected by reputable anti-virus software for some time, which implies that some of the manufacturer’s device testing systems were not protected and got infected when an infected USB media was used. The testing system subsequently kept infecting frames as they were connected to the infected computer for testing of their functionality.

As always with this type of threat, the virus will not be able to infect your computer if you disable the Windows Autorun feature.