Virus located in TomTom GPS systems

Low-risk malware was pre-installed on some devices that were manufactured during a single week of October, 2006

If you've picked up a TomTom GPS over the past few months, you may have bought more than you bargained for. TomTom International confirmed Monday that some of its latest GO 910 devices have shipped with a virus pre-installed.

The infected systems were all manufactured during a one-week period around October 2006, TomTom said in a statement posted to its Web site Monday. The affected systems are running version number 6.51 of the TomTom software.

The company didn't say how it managed to install malware on its products, but it warned that infected versions of the GO will try to copy the malicious software to a PC when connected. News of the infection was first reported Sunday on the Web site.

TomTom rated the malware as "low risk" and said that it is detected by many antivirus products. A "small, isolated number" of systems are affected, TomTom said.

Infected GO 910s include Trojan horse and virus software that has been blocked by antivirus vendors since June 2006, said Roel Schouwenberg, a senior research engineer with Kaspersky Lab Ltd.

One of the files, called Backdoor.Win32.Small.lo, uses the Windows AutoRun feature to try to make Windows run the other malicious software on the device once it's been connected to the PC, he said after examining the malware.

TomTom isn't the first company to make this kind of mistake. Apple accidentally shipped malware with some of its iPods last October, for example.

The malicious software often gets installed when an infected PC is used to test or configure the devices, Schouwenberg said.

However, the fact that the TomTom malware had been known for months when it was installed on the GPS devices reflects badly on the company, Schouwenberg said. "We found the malware in June," he said. "It means that someone around the product line is either not using antivirus, or they're using bad antivirus."