An official configuration tool for a gaming mouse was tampered with to deliver malware to users. On Wednesday, Endgame Gear alerted customers about the threat after a user discovered the tool appeared to be loaded with the Windows-based Xred malware.
According to Endgame Gear, the product page for the OP1w 4k v2 gaming mouse distributed the malware between June 26 and July 9. “We have since removed the infected file,” the vendor said. “Please note: This issue was isolated to the OP1w 4k v2 product page download only.”
The big question is how the malware was loaded on the site and whether Endgame Gear suffered a larger breach. The vendor is still investigating, but says, “access to our file servers was not compromised, and no customer data was accessible or affected on our servers at any time.”
It’s unclear how many customers were affected. But the Xred malware operates as a backdoor that can steal data from a PC, secretly hijack the computer, and download other malicious payloads, making it a serious infection. As a result, Endgame Gear is urging impacted customers to remove the identified infected files. The company’s security alert has more details.
A Reddit user initially brought up the malware threat last week, warning other Endgame Gear customers that “this did not come from a sketchy site or a third-party mirror. It came from the official vendor page.” The user installed the configuration tool and noticed unusual behavior on their PCs, including “Windows error popups,” which prompted them to investigate.
“This situation is more than just a technical hiccup. It’s a serious legal issue, because essentially malware was distributed from their infrastructure,” the user added. “Endgame Gear should not be allowed to brush this under the rug.”
Wednesday’s statement finally brings some clarity and accountability after PC review site Igor’sLAB also flagged the threat of malware affecting Endgame Gear’s mouse. The vendor is now apologizing to affected customers and is pledging to bolster its security. “A clean version of the affected file was immediately published as soon as we identified the situation,” it said.
Endgame Gear also notes: “All other official sources for our software and firmware, including our main Downloads page (www.endgamegear.com/downloads), our GitHub repository (github.com/EndgameGear), and our Discord channel, were not affected and contained clean files. No other v2 products or their configuration tools were impacted.”