UPDATE: I have been speaking to the folks from Razer, as soon as they were aware of the issue, they took down the support website and are working really hard to rectify things. It’s really great to see a company that have the safety of their customers so uppermost in their minds.
The support website at gaming hardware manufacturer Razer, has been compromised to distribute malware.
Razer, in their own words are “the worldwide leader in terms of professional gaming peripherals. While we are light years ahead of our competitors in terms of technology, design and ergonomics“.
A large amount of the device drivers offered for download at the Razer support site were infected with a Trojan TROJ_DROPPER.JIZ. The Trojan delivers the original installer but then goes on to drop a copy of WORM_ASPXOR.AB in the System directory. The malware had very low detection rates, with only 7 out of 41 vendors offering generic detection.
I have informed Razer of this compromise and they have immediately taken the support website down for the time being. I am hoping to hear back from them once their root cause analysis is complete.
It is unclear how long the problem has been ongoing, so in the meantime, if you downloaded anything from Razer recently, head over to HouseCall and run a full system scan and clean up if necessary. Manual clean-up instructions can be found here.