- Endgame Gear software hijacked to serve malware
- Attack identified by the company's community
- Endgame Gear is making significant changes to avoid a repeat
Gaming kit maker Endgame Gear confirmed that it was the victim of a supply chain attack in which unidentified threat actors got into its website and replaced a legitimate configuration tool with a trojanized version containing malware.
In an announcement published on the company's website, it said that on June 26, 2025, someone managed to replace a version of the configuration tool for the Endgame Gear OP1W 4K V2 wireless mouse, found on its product page, with a malicious fake.
The contaminated version remained on the site until July 9, when it was deleted.
Hiding the attack in plain sight
The malware acts as an infostealer, so users should also change their passwords, in particular for important accounts such as banking, work, social media, email and similar.
The company has not discussed how the threat actors broke in, or who they were, but stressed that the trojanized version was only found on the product page for this specific device, while the versions found on the download site, GitHub or Discord remained clean.
Software for other devices was not targeted either.
Endgame Gear said that it had only spotted the intrusion after seeing “online discussions”, which means that it was the community that reported the attack.
A more in-depth analysis has shown that access to file servers was not compromised and that customer data was not accessible.
To prevent similar incidents from occurring in the future, Endgame Gear is killing product-page-specific downloads and centralizing all downloads on its main download page.
In addition, it is implementing additional malware scans and strengthening anti-malware protections on its hosting servers.
Users who downloaded the malware are advised to delete it and check for the presence of the “C:\ProgramData\Synaptics” folder (it could be hidden).
They should also run a full system scan and download a clean version.
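The folder check described above, as an added PowerShell example (not from Endgame Gear or the original article): it finds the folder even when it is hidden and lists each file's creation time and SHA-256 so they can be compared against the June 26, 2025 start of the exposure window and handed to a scanner or responder. The folder path and date come from the article; the variable names and output layout are assumptions.

```powershell
# Added triage example. Path and date are taken from the article;
# variable names and output columns are illustrative assumptions.
$indicator   = 'C:\ProgramData\Synaptics'
$windowStart = [datetime]'2025-06-26'   # first day the trojanized tool was served

# -Force is required: without it, hidden or system items are silently skipped.
$folder = Get-Item -LiteralPath $indicator -Force -ErrorAction SilentlyContinue

if (-not $folder) {
    Write-Output "Not found: $indicator"
    return
}

Write-Output "FOUND: $indicator"
Write-Output "  Attributes: $($folder.Attributes)"
Write-Output "  Created:    $($folder.CreationTime)"

# Inventory every file (hidden ones included) with hash and timestamps.
Get-ChildItem -LiteralPath $indicator -Force -Recurse -File -ErrorAction SilentlyContinue |
    ForEach-Object {
        $hash = Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256 -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Path       = $_.FullName
            Attributes = $_.Attributes
            Created    = $_.CreationTime
            # True when the file appeared on or after the first day of the window
            InWindow   = ($_.CreationTime -ge $windowStart)
            SHA256     = $hash.Hash
        }
    } | Format-List
```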
Via BleepingComputer