McDonalds Japan Spreads Malware on MP3 Player


This is pretty funny, but frankly typical of McDonalds..act before they think, it’s cheap, it’ll get more customers, whack it out!

They gave out a bunch of flash drive mp3 players as a promotion, it turns out every single one was loaded with a fairly nasty piece of spyware!

McDonalds Japan has launched a recall after discovering that MP3 players it offered as a prize were loaded with a particularly nasty strain of malware. Up to 10,000 people might have been exposed to the problem after claiming a Flash MP3 player pre-loaded with ten tunes and a variant of the QQpass spyware Trojan.

Not nice eh? Pretty bad too as it doesn’t just track your surfing habits, it actually sends out your passwords over the web.

Punters received the contaminated gift after purchasing a large drink form the fast-food chain in Japan and submitting a serial number contained on the beverage holder as part of a competition, sponsored by McDonalds and Coca-cola. Users who connected the McDonalds-branded MP3 player to their Windows PC were exposed to spyware code programmed to transmit their web passwords and other sensitive information to hackers. The cause of the accidental infection is unclear but past experience suggests a contaminated machine involved in loading content onto the players is the likely culprit.

They are really sorry, honestly..

McDonalds Japan has apologized for the cock-up and established a helpline designed to handle the recall of the infected MP3 players and send out uncontaminated music gizmos. A Japanese-language statement also explains how punters can cleanse potentially infected PCs

Apologised, meh! Any thoughts?

Source: The Register

Posted in: Malware, Privacy

, ,


Latest Posts:


truffleHog - Search Git for High Entropy Strings with Commit History truffleHog – Search Git for High Entropy Strings with Commit History
truffleHog is a Python-based tool to search Git for high entropy strings, digging deep into commit history and branches. This is effective at finding secrets accidentally committed.
AIEngine - AI-driven Network Intrusion Detection System AIEngine – AI-driven Network Intrusion Detection System
AIEngine is a next-generation interactive/programmable Python/Ruby/Java/Lua and Go AI-driven Network Intrusion Detection System engine with many capabilities.
Sooty - SOC Analyst All-In-One CLI Tool Sooty – SOC Analyst All-In-One CLI Tool
Sooty is a tool developed with the task of aiding a SOC analyst to automate parts of their workflow and speed up their process.
UBoat - Proof Of Concept PoC HTTP Botnet Project UBoat – Proof Of Concept PoC HTTP Botnet Project
UBoat is a PoC HTTP Botnet designed to replicate a full weaponised commercial botnet like the famous large scale infectors Festi, Grum, Zeus and SpyEye.
LambdaGuard - AWS Lambda Serverless Security Scanner LambdaGuard – AWS Lambda Serverless Security Scanner
LambdaGuard is a tool which allows you to visualise and audit the security of your serverless assets, an open-source AWS Lambda Serverless Security Scanner.
exe2powershell - Convert EXE to BAT Files exe2powershell – Convert EXE to BAT Files
exe2powershell is used to convert EXE to BAT files, the previously well known tool for this was exe2bat, this is a version for modern Windows.


Comments are closed.