In its first such incident as a gaming hardware manufacturer, Endgame Gear, a developer of mice, unknowingly spread malware-infected driver software through its official website over a period of weeks. The file in question, a configuration utility for the OP1w 4k v2 mouse, was available on the company's product page between 26 June and 9 July, until it was removed.
Date and Discovery
The issue first came to light when worried users on Reddit noticed suspicious system activity when attempting to use the configuration tool from Endgame Gear's official download site. Further investigation showed that the file contained Xred, a remote access trojan (RAT) known to steal data, give attackers remote control of PCs, and deliver additional malware.
Notably, the infected file was served from the company's own servers and not from a third-party mirror, which posed a particular threat to users who rely on official sources. The company later confirmed the problem, released a security statement, and replaced the malicious utility with a clean version.
Scope and Response
The only software affected was the OP1w 4k v2 configuration tool.
According to the company's statements, no customer information was stolen from Endgame Gear's servers.
The company has introduced more malware checks and centralized downloads, and has committed to adding more integrity checks, such as SHA hashes and digital signatures, in later versions.
Affected users are asked to:
Remove the infected software.
Look for and delete any suspicious files, e.g. a hidden C:\ProgramData\Synaptics folder.
Run an antivirus scan on the computer.
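The folder check from the list above, combined with the SHA hash and digital signature verification the company says it will support, as an added PowerShell example (not Endgame Gear's tooling and not part of the original article). The function and parameter names are hypothetical, and the expected SHA-256 must come from the vendor, since the article publishes none.

```powershell
# Added example. Usage: .\check.ps1 -InstallerPath <file> -ExpectedSha256 <vendor hash>
param(
    [string]$InstallerPath,    # hypothetical: path to the downloaded configuration tool
    [string]$ExpectedSha256    # hypothetical: SHA-256 published by the vendor, if any
)

function Test-SynapticsFolder {
    # Folder named in the article; -Force is needed to see hidden items.
    $path = Join-Path $env:ProgramData 'Synaptics'
    $dir  = Get-Item -LiteralPath $path -Force -ErrorAction SilentlyContinue
    if (-not $dir) {
        return [pscustomobject]@{ Path = $path; Exists = $false; Hidden = $false; Files = @() }
    }
    # Hash every file so the findings can be reviewed or handed to a scanner.
    $files = Get-ChildItem -LiteralPath $path -Recurse -File -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            [pscustomobject]@{
                File     = $_.FullName
                Sha256   = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256 -ErrorAction SilentlyContinue).Hash
                Modified = $_.LastWriteTime
            }
        }
    [pscustomobject]@{
        Path   = $path
        Exists = $true
        Hidden = [bool]($dir.Attributes -band [IO.FileAttributes]::Hidden)
        Files  = @($files)
    }
}

function Test-Download {
    param([string]$Path, [string]$Expected)
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    $hash = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    $sig  = Get-AuthenticodeSignature -LiteralPath $Path
    [pscustomobject]@{
        Sha256          = $hash
        # $null when no expected hash was supplied; -eq ignores case for strings.
        HashMatches     = if ($Expected) { $hash -eq $Expected.Trim() } else { $null }
        SignatureStatus = $sig.Status                     # e.g. Valid, NotSigned, HashMismatch
        Signer          = $sig.SignerCertificate.Subject  # empty when the file is unsigned
    }
}

$folder = Test-SynapticsFolder
$folder | Select-Object Path, Exists, Hidden | Format-List
$folder.Files | Format-Table -AutoSize
if ($InstallerPath) { Test-Download -Path $InstallerPath -Expected $ExpectedSha256 | Format-List }
```

A `Valid` signature status only shows that the file is intact and signed by the certificate listed under `Signer`, so confirm that subject is the vendor before trusting the download.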
The episode highlights the danger of supply chain and website attacks even from known vendors, and it has raised concerns about transparency and user notification practices in the tech sector.