In late December of 2007, I wrote a post entitled "Malware for Materials," arguing that the increasing digital smarts of previous-dumb physical objects was a ripe medium for malicious software and spam.
For the most part, malicious bits of code and data -- collectively referred to as "malware" -- have remained comfortably limited to devices that we recognize as being (to a greater or lesser extent) computers. But as products and materials that have long been seen as non-computers start to get connected to the Internet, start to include processing capability and memory, start to offer "always on" wireless connections -- all in all, start to be active parts of our environments -- the likelihood increases that we'll start to see malware pop up in unexpected locations.
[...] A greater concern is that the viruses (and trojans) that do exist will take advantage of the legacy of trust we have for the dumb versions of the now-smart materials; will we have to worry about what the (voice-controlled) refrigerator overhears or the (video-chat-ready) television sees?
Well, that was fast.
An insidious computer virus recently discovered on digital photo frames has been identified as a powerful new Trojan Horse from China that collects passwords for online games - and its designers might have larger targets in mind. [...]
The virus, which Computer Associates calls Mocmex, recognizes and blocks antivirus protection from more than 100 security vendors, as well as the security and firewall built into Microsoft Windows. It downloads files from remote locations and hides files, which it names randomly, on any PC it infects, making itself very difficult to remove. It spreads by hiding itself on photo frames and any other portable storage device that happens to be plugged into an infected PC. [...]
The new Trojan isn't the only piece of malware involved. Deborah Hale of Sans said the researchers also found four other, older Trojans on each frame, which may serve as markers for botnets - networks of infected PCs that are remotely controlled by hackers.
Whoever thought they'd need to run anti-virus checks on their picture frames?!?!?