Skip to main content

Mouse-Maker Razer Hacked, Firmware Infected

Is there anything--heck anywhere--safe on the Internet anymore? Rik Ferguson of Trend Micro is claiming that PC accessory maker Razer USA was recently infected with a Trojan horse, thus infecting drivers stored on its support servers. After downloading and examining eight infected drivers, Trend Micro contacted the company and the files were thus removed from the site.

Unfortunately, many customers already downloaded the infected files. Ferguson told ITworld that consumers not only retrieved the requested drivers, but the WORM.ASPXOR.AB Trojan program as well. The malware is rather obscure, with only 7 out of 41 vendors offering generic detection. Because Razer USA's peripherals are mostly geared toward gamers, they are more at risk because they tend to disable antivirus protection to gain more system resources.

Currently Razer USA has no clue as to how the downloads were infected. As of Monday afternoon, the company's main website was still up and running, however the customer support website was yanked offline while Razer USA and Trend Micro investigated the source of the infection. "Woops," read the support page. "We had to bring down Razer Support for the time being for a quick fix."

Ferguson said that the malicious Trojans were crawling on Razer USA's website for a few days prior to his involvement based on comments from concerned customers. As of today the support page has returned online, however Razer USA provides links to online virus scanners for anyone who downloaded the infected drivers here.

  • Shadow703793
    Wow.... this is a new level of infection. What's next?
    Reply
  • hopiamani
    Great glad I just bought their mouspad... unless...
    Reply
  • waikano
    Firmware Infected? Since when are drivers considered firmware updates?
    Reply
  • doomtomb
    This is why I am a Logitech man.
    Reply
  • Shadow703793
    waikanoFirmware Infected? Since when are drivers considered firmware updates?FYI, the Razer Copperhead,etc has Firmware updates available and the firmware update files were also infected apparently, not just the drivers.
    Reply
  • Shadow703793
    See: http://www2.razerzone.com/MouseGuide/technology/firmware/18.html
    Yes, they do have firmware that you can update.
    Reply
  • Major7up
    doomtombThis is why I am a Logitech man.They could just as easily have the same problem as Razor so don't hold your breath. One misconfigured router or missing system update is all it takes. Or just one lazy sys admin, or a persistent hacker or disgruntled employee or...the list goes on.
    Reply
  • maigo
    Well I hope they don't go after the MX Revolution next
    Reply
  • Dark Lord of Tech
    any hole that is open they will attack it!i'm not suprised!
    Reply
  • spectrewind
    maigoWell I hope they don't go after the MX Revolution next
    Exactly. I'm more worried about DNS cache poisoning and forwarders pointing to a duplicate/false site than the original site going down.
    Reply