What if you went to a trusted hardware maker’s website to download a new driver and end up infecting your computer with malware? This sounds almost impossible but this actually happened recently with Endgame Gear, a company that designs and sells gaming mice and keyboards, accidentally distributed malware through its official software downloads. Yes, you read that right. Users on Reddit discovered that the software for the OP1w 4K V2 mouse was downloaded directly from Endgame Gear’s website. Turns out it contained a remote access trojan. This type of malware can allow attackers to take control of affected computers remotely.
Numerous antivirus programmes detected the malware but Windows Defender notably failed to identify the threat. Further investigation by members of Reddit’s Mouse Review community and the cybersecurity website Igor’s Lab revealed that other Endgame software installers also contained different kinds of malware. This points to a deeper security issue affecting the company’s download servers.
What happened and how Endgame Gear responded
The source of the problem appears to be a hacking incident on Endgame Gear’s official website. This compromise likely occurred sometime shortly after July 2. By July 17, all infected software was removed and replaced with clean versions. Despite fixing the issue, the company has remained mostly silent about the breach. Their only communication was a vague message posted on their Discord server, following the re-upload of clean files. It essentially acknowledged that an updated and clean version of the software was now available but did not directly address the breach, the presence of malware, or any steps taken to protect users or investigate the issue.
No formal or detailed statements have been issued on their official website or in the Reddit thread where the problem was first reported by users. Customers and community members have expressed frustration and disappointment over this lack of transparency. Many feel it was irresponsible for the company to quietly replace the infected files without any warnings or explanations to users who may have downloaded the malware and been put at risk.
If the malware was able to access user data during the breach, Endgame Gear could potentially be violating the European Union’s General Data Protection Regulation (GDPR). The regulation requires companies to promptly disclose data breaches, especially when personal information might be involved.
User reactions and lessons for gamers
One Reddit user, /u/Admirable-Raccoon597, who first alerted the community to the malware, called the company’s silence irresponsible. They pointed out that the infected installer was quietly replaced with a clean version which shows the company knew about the problem but chose not to communicate it openly.
This episode reminds gamers and users of gaming peripherals about the risks involved when downloading software and drivers, even from official sources. It highlights the importance of using trusted antivirus software and monitoring security news related to your hardware. Endgame Gear customers should stay alert for any further statements or updates. Without clear information from the company, questions remain about how far the malware spread and what potential harm it caused.