• United States



by Dave Gradijan

TomTom GPS Devices Infected by Trojans, Viruses

Jan 30, 20072 mins
CSO and CISOData and Information Security

If you’ve picked up a TomTom GPS over the past few months, you may have bought more than you bargained for. TomTom International confirmed Monday that some of its latest GO 910 devices have shipped with a virus preinstalled.

The infected systems were all manufactured during a one-week period around October 2006, TomTom said in a statement posted to its website Monday. The affected systems are running version number 6.51 of the TomTom software.

The company didn’t say how it managed to install malware on its products, but it warned that infected versions of the GO will try to copy the malicious software to a PC, when connected. News of the infection was first reported Sunday on

TomTom rated the malware as “low risk” and said that it is detected by many antivirus products. A “small, isolated number” of systems are affected, the firm said.

Infected GO 910s include Trojan horse and virus software that has been blocked by antivirus vendors since June 2006, said Roel Schouwenberg, a senior research engineer with Kaspersky Lab.

One of the files, called Backdoor.Win32.Small.lo, uses the Windows AutoRun feature to try and make Windows run the other malicious software on the device, once it’s been connected to the PC, he said after examining the malware.

TomTom isn’t the first company to make this kind of mistake. Apple accidentally shipped malware with some of its iPods last October, for example.

The malicious software often gets installed when an infected PC is used to test or configure the devices, Schouwenberg said.

However, the fact that the TomTom malware had been known for months when it was installed on the GPS devices reflects badly on the company, Schouwenberg said. “We found the malware in June,” he said. “It means that someone around the product line is either not using antivirus, or they’re using bad antivirus.”

-Robert McMillan, IDG News Service