HP Printer Drivers Hit Again With Funlove Virus

Hewlett-Packard (HP) on Thursday pulled a printer driver from its website after security vendor BitDefender reported that the software was infected with the same computer virus that infected HP’s drivers more than five years ago.

A BitDefender partner notified the security vendor of the infected driver software on Wednesday, and the company’s security researchers soon determined that it had the same Funlove virus that had plagued HP in December 2000.

The infected printer driver was removed from HP’s website early Thursday, said BitDefender spokesman Vitor Souza.

Until then, the virus was being distributed with the Korean version of the Windows 95/98 driver for HP’s Officejet g85 All-in-One printer. HP no longer sells the all-in-one printer, and the current antivirus products are able to block it. So while the oversight is an embarrassment for HP, it’s unlikely that many users were affected by Funlove.

Previously, HP had inadvertently distributed the Funlove virus in Japanese printer drivers that were made available on the company’s website. Souza believes that HP most likely neglected to remove this particular infected driver back in 2000. “Its just like nobody had run a test against antivirus [software],” he said.

Even for users who fall prey to the virus, the consequences are not severe.

When it gets installed, the Funlove pops up a text message that reads “Fun Loving Criminal,” and then attempts to reboot the PC. On Windows NT machines, it attempts to change system settings so that files that can normally be seen only by administrators are visible to all.

HP executives were not immediately available to comment for this story.

BitDefender is owned by Softwin SRL, based in Bucharest, Romania.

-Robert McMillan, IDG News Service

Keep checking in at our Security Feed page, or subscribe via RSS, for updated news coverage.