The infection was discovered during a recent investigation into suspicious activity on a network belonging to a DigitalSecurus client. Further analysis in a lab environment by DigitalSecurus revealed a variant of the malware known as “Downadup/Conficker” virus in unopened InfoPoint AI-101 touch screen computers. DigitalSecurus contacted the manufacturer of the device, Arrive Systems, and has been working with them closely to investigate the circumstances surrounding the infection.
This malware is particularly dangerous to a network environment as it will attempt to spread itself to other computers. The virus also attempts to communicate with unauthorized computers on the Internet, possibly allowing unauthorized access to corporate files and other sensitive data.
The infection appears to have been installed onto the devices prior to shipping into the United States. DigitalSecurus CEO, Glen Klinkhart, stated “This incident highlights that companies need to be aware of potential threats inside of items that they buy, even those appearing to have come directly from the manufacturer.”
It is unknown how many of the devices are currently in use around the country. DigitalSecurus believes that only some of the devices shipped into the country are directly infected, although all of the devices are potentially vulnerable to infection. Companies using the InfoPoint AI-101 devices are advised to consider removing them from their network until they can be properly analyzed, made harmless, and patched with software updates. For further instructions on specific steps that can be taken users are encouraged to contact the manufacturer, Arrive Systems (http://www.arrivesys.com), at the following link: http://www.arrivesys.com/arrive/arrive-support.php
DigitalSecurus is an Alaskan based network security consulting firm that provides computer security consulting, analysis, forensics, security training, and computer incident response to corporations and organizations in the United States.