Fast food giant McDonald’s is understood to have launched a recall of MP3 players given as prizes in a soft drinks promotion after finding that they were infected with spyware.
The promotion, sponsored by McDonald’s and Coca-Cola, offered customers in Japan the opportunity to win a Flash MP3 player with a selection of preloaded music by sending in a serial number from their drink purchase.
But the MP3 players are understood to have been infected with a variant of the QQpass spyware Trojan. Users who plugged the MP3 player into their Windows PC were exposed to spyware set up to transmit web passwords and other sensitive details to hackers.
Up to 10,000 people who claimed the prize could be affected.
A Japanese language statement on the McDonald’s Japan website is linked to security firm Trend Micro’s fix page for QQpass.
Security experts warned that security risks from increasingly popular gadgets such as MP3 players were growing. Matt Fisher, vice-president of Centennial Software, said, “MP3 usage isn't confined to the home. Over 55% of all users regularly plug their players in at work, which means the potential for data theft increases dramatically.”