McDonalds Japan has launched a recall after discovering that MP3 players it offered as a prize were loaded with a particularly nasty strain of malware. Up to 10,000 people might have been exposed to the problem after claiming a Flash MP3 player pre-loaded with ten tunes and a variant of the QQpass spyware Trojan.

Punters received the contaminated gift after purchasing a large drink form the fast-food chain in Japan and submitting a serial number contained on the beverage holder as part of a competition, sponsored by McDonalds and Coca-cola. Users who connected the McDonalds-branded MP3 player to their Windows PC were exposed to spyware code programmed to transmit their web passwords and other sensitive information to hackers. The cause of the accidental infection is unclear but past experience suggests a contaminated machine involved in loading content onto the players is the likely culprit.

McDonalds Japan has apologized for the cock-up and established a helpline designed to handle the recall of the infected MP3 players and send out uncontaminated music gizmos. A Japanese-language statement also explains how punters can cleanse potentially infected PCs. ®

Related stories

• McDonalds survey scam is super-size fraud (1 December 2008)
• Rogue MP3 Trojan streaks across P2P networks (7 May 2008)
• Worm eats music on infected PCs (31 July 2007)
• SanDisk to secure online sales with USB Flash drives (24 October 2006)
• Spam Cube signs Amazon.co.uk for British debut (20 October 2006)
• Manufacturer loads Trojans onto HDDs (25 November 2005)
• IBM Memory Keys in mystery virus infection (12 February 2002)
• Powerpuff Girls catch FunLove Virus (1 November 2001)
• HP distributes virus infected drivers (24 January 2001)
• Fun Loving Criminals torpedo Dell factory (19 November 1999)