Ugh, we were already sick of digital photo frames -- and now it looks those now-discontinued virus-ridden Insignia units from Best Buy and several other models produced in China were carrying a much nastier trojan that we'd originally heard. According to an analyst form Computer Associates, the trojan, called Mocmex, is able to block more than 100 types of security and anti-virus software from killing it, and bypasses the Windows firewall to download files from remote locations, spreading them randomly over your hard drive and any portable storage device you plug into your PC -- like, for example, a digital photo frame. The trojan is apparently set to only steal gaming passwords at present, but CA says it's capable of stealing nearly any information on your machine, and thinks it might be a test for a much worse virus yet to come. Infected frames have come from Sam's Club, Target and Costco, in addition to Best Buy, so we'd say to avoid picking one up until this mess gets sorted out -- or, you know, forever.

If you've recently plunked down $599-ish for a TomTom GO 910 portable GPS device, but decided to hop onto the interwebs real quick just before you plug that sucker in (yeah, we know, the odds are low), then it looks like it's your lucky day. Apparently the Netherlands-based TomTom just admitted to a UK security journalist that the TomTom GO 910s that were produced between September and November of 2006 have been shipping with a couple Trojans -- similar to Apple's little RavMonE.exe debacle last year. But not to worry: "The viruses that were detected present an extremely low risk to customers' computers," according to TomTom. Of course, relaying to the public such helpful information that TomTom was obviously aware of would be clearly out of the question, but it's nice to know that while manufacturing oversights caused a couple of Trojans to be introduced to unsuspecting PC users by spendy GPS hardware, they at least aren't the nasty kind. TomTom claims the problem has been corrected, and that "Appropriate actions have been taken to make sure this is prevented from happening again in the future." They also have some instructions at the read link for removing the viruses (win32.Perlovga.A Trojan and TR/Drop.Small.qp), which mostly amount to advising you to update your virus software.

[Via Slashdot]

What do tubby teens, MP3 players, and grandma's scalded taint all have in common? That's right, the absolute attention of McDonald's legal. See, McDonald's and Coca-Cola recently teamed up in Japan to give away 10,000 self-branded MP3 players pre-loaded with 10 spankin' new tunes and... some delicious malware. It seems that a "portion" of the players sport a variant of the QQPass family of trojan horses which capture passwords and other personal information when the MP3 player is plugged into the users' PC. The code then proceeds to email the details to the author. McDonald's has setup a 24 hour hotline while they are investigating the matter and will swap out all the offending players. Good times.

[Via Impress]