McDonald's Japan malware attack: Difference between revisions

(13 intermediate revisions by 7 users not shown)

Line 1:

{{IncidentCargo

|Company=McDonald's

|Company=McDonald's Japan

|StartDate=2006~~-08-04~~

|StartDate=4 August 2006

|EndDate=2006~~-10-16~~

|EndDate=31 August 2006

|Status=Resolved

|Product=~~McDonald's MP3 Players~~

|ProductLine=

|ArticleType=~~Product~~

|Product=

|Type=~~Privacy, Security~~

|ArticleType=

|Description=~~had an competition of 10~~,~~000 winners who received mp3 players~~, ~~however~~ it ~~contained Malware~~ that ~~leaked customers~~ information.

|Type=

}}

|Description=McDonald's Japan, in collaboration with Coca-Cola, ran a promotion in August 2006 where customers would peel a code from a cup and type it into the website for a chance at a free USB-stick MP3 player pre-loaded with ten songs. Those that won had their computer infected with a trojan horse that captured password information if the user was running QQ Instant Messenger.

~~{{Ph-I-Int}}~~

}} [[File:McDonald's Japan MP3 Player showcase.png|alt=McDonald's Japan MP3 Player showcase from the advertisement.|thumb|McDonald's Japan MP3 Player showcase]]

=~~=Background==~~

~~{{Ph-I-B}}~~

==[~~Incident~~]==

In 2006, [[McDonald's]] in collaboration with [[The Coca-Cola Company|Coca-Cola]] ran a promotion in Japan that lasted for 1 month. During this promotion, 10,000 winners obtained a USB-stick MP3 player.<ref name=":0">{{Cite web |last=Sayer |first=Peter |title=Worm eats its way into McDonald’s MP3 player promotion |url=https://www.infoworld.com/article/2183448/worm-eats-its-way-into-mcdonald-s-mp3-player-promotion.html |website=InfoWorld |date=16 Oct 2006 |access-date=6 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20260222055606/https://www.infoworld.com/article/2183448/worm-eats-its-way-into-mcdonald-s-mp3-player-promotion.html |archive-date=22 Feb 2026}}</ref><ref name=":1">{{Cite web |author=Loof |title=McDonald's Mp3 Virus {{!}} Info Comp |url=https://www.youtube.com/watch?v=vV4rxKhiEKo |website=[[YouTube]] |date=18 Jun 2023 |access-date=6 Mar 2026 |url-status=live |archive-url=https://preservetube.com/watch?v=vV4rxKhiEKo |archive-date=7 Mar 2026}}</ref> When Japanese winners received their MP3 players and inserted them into their computers, it was discovered that the products additionally carried malware meant for Windows operating systems.<ref name=":2" /><ref name=":3" /><ref name=":4" />

~~{{Ph~~-I-I}}

===[Company]'~~s response~~===

==Incident==

On ''4 August, 2006'' across Japan, [[McDonald's]] collaborated with [[The Coca-Cola Company|Coca-Cola]] to run a promotion which lasted until ''31 August, 2006''. During this promotion, customers would peel a code from a cup and type the code onto their website, with 10,000 selected winners obtaining a USB-stick MP3 player loaded with ten free songs.<ref name=":0" /><ref name=":1" /> Winners who received the ''McDonald's MP3 Player'' would be infected with a [[wikipedia:Trojan_horse_(computing)|Trojan Horse]] called ''QQPass Trojan'' that would affect devices running the popular [[Microsoft Windows|Windows]] versions at the time. ''QQPass Trojan'' worked to first disable the device's antivirus(es), and then if the user was running was {{Wplink|Tencent QQ|QQ Instant Messenger}}, it would capture password information and forward it via e-mail to a malicious third-party.<ref name=":2">{{Cite web |last=deVilla |first=Joey |title=Superspyware Me! |url=https://www.globalnerdy.com/2006/10/16/superspyware-me/ |website=Global Nerdy |date=16 Oct 2006 |access-date=6 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20250806085622/https://www.globalnerdy.com/2006/10/16/superspyware-me/ |archive-date=6 Aug 2025}}</ref><ref name=":3">{{Cite web |last=Stevens |first=Chris |title=McDonalds' free Trojan: "Would you like malware with that?" |url=https://www.cnet.com/tech/mobile/mcdonalds-free-trojan-would-you-like-malware-with-that/ |website=CNet |date=17 Oct 2006 |access-date=6 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20250821060514/https://www.cnet.com/tech/mobile/mcdonalds-free-trojan-would-you-like-malware-with-that/ |archive-date=21 Aug 2025}}</ref><ref name=":4">{{Cite web |last=Leyden |first=John |title=Spyware infection prompts McDonalds MP3 recall |url=https://www.theregister.com/2006/10/16/mcd_spyware_mp3_recall/ |website=The Register |date=16 Oct 2006 |access-date=6 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20260123185302/https://www.theregister.com/2006/10/16/mcd_spyware_mp3_recall/ |archive-date=23 Jan 2026}}</ref>[[File:McDonald's Japan 2006 cup advertisement.png|thumb|alt=McDonald's Japan 2006 Cup Advertisement]]

==~~Lawsuit~~==

~~{{Ph~~-I-L}}

==~~Consumer response~~==

~~{{Ph~~-I-~~ConR~~}}

==Company response==

On ''7 August 2006'', McDonald's issued a public apology for any consumers infected from the incident. The company offered a web link that removed the malware from computers and allowed winners to return their MP3 players for a free replacement.<ref>{{Cite web |last=Thomson |first=Iain |title=Free malware from McDonalds |url=https://www.itpro.com/95790/free-malware-from-mcdonalds |website=ITpro |date=17 Oct 2006 |access-date=6 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20250710015215/https://www.itpro.com/95790/free-malware-from-mcdonalds |archive-date=10 Jul 2025}}</ref><ref>{{Cite web |author= |title=McDonalds Unwittingly Distributes Contaminated Prizes |url=https://www.spamfighter.com/News-6650-McDonalds-Unwittingly-Distributes-Contaminated-Prizes.htm |website=SPAMfighter |date=26 Oct 2006 |access-date=6 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20260213213750/https://www.spamfighter.com/News-6650-McDonalds-Unwittingly-Distributes-Contaminated-Prizes.htm |archive-date=13 Feb 2026}}</ref>

File:McDonald's Japan 2006 webpage using Google Translate.png|McDonald's Japan 2006 Google Translate Page apology and request for MP3 players.

File:McDonald's Japan Customer Support Page.png|McDonald's Japan Customer Support Page in 2006.

File:McDonald's Official Statement.png|McDonald's Official Statement regarding 2006 Japan malware incident.

</gallery>

==References==

~~{{Ph-I-C}}~~

[[Category:McDonald's]]

@@ Line 1: / Line 1: @@
 {{IncidentCargo
-|Company=McDonald's
+|Company=McDonald's Japan
-|StartDate=2006-08-04
+|StartDate=4 August 2006
-|EndDate=2006-10-16
+|EndDate=31 August 2006
 |Status=Resolved
-|Product=McDonald's MP3 Players
+|ProductLine=
-|ArticleType=Product
+|Product=
-|Type=Privacy, Security
+|ArticleType=
-|Description=had an competition of 10,000 winners who received mp3 players, however it contained Malware that leaked customers information.
+|Type=
-}}
+|Description=McDonald's Japan, in collaboration with Coca-Cola, ran a promotion in August 2006 where customers would peel a code from a cup and type it into the website for a chance at a free USB-stick MP3 player pre-loaded with ten songs. Those that won had their computer infected with a trojan horse that captured password information if the user was running QQ Instant Messenger.
-{{Ph-I-Int}}
+}} [[File:McDonald's Japan MP3 Player showcase.png|alt=McDonald's Japan MP3 Player showcase from the advertisement.|thumb|McDonald's Japan MP3 Player showcase]]
-==Background==
-{{Ph-I-B}}
-==[Incident]==
+In 2006, [[McDonald's]] in collaboration with [[The Coca-Cola Company|Coca-Cola]] ran a promotion in Japan that lasted for 1 month. During this promotion, 10,000 winners obtained a USB-stick MP3 player.<ref name=":0">{{Cite web |last=Sayer |first=Peter |title=Worm eats its way into McDonald’s MP3 player promotion |url=https://www.infoworld.com/article/2183448/worm-eats-its-way-into-mcdonald-s-mp3-player-promotion.html |website=InfoWorld |date=16 Oct 2006 |access-date=6 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20260222055606/https://www.infoworld.com/article/2183448/worm-eats-its-way-into-mcdonald-s-mp3-player-promotion.html |archive-date=22 Feb 2026}}</ref><ref name=":1">{{Cite web |author=Loof |title=McDonald's Mp3 Virus {{!}} Info Comp |url=https://www.youtube.com/watch?v=vV4rxKhiEKo |website=[[YouTube]] |date=18 Jun 2023 |access-date=6 Mar 2026 |url-status=live |archive-url=https://preservetube.com/watch?v=vV4rxKhiEKo |archive-date=7 Mar 2026}}</ref> When Japanese winners received their MP3 players and inserted them into their computers, it was discovered that the products additionally carried malware meant for Windows operating systems.<ref name=":2" /><ref name=":3" /><ref name=":4" />
-{{Ph-I-I}}
-===[Company]'s response===
+==Incident==
-{{Ph-I-ComR}}
+On ''4 August, 2006'' across Japan, [[McDonald's]] collaborated with [[The Coca-Cola Company|Coca-Cola]] to run a promotion which lasted until ''31 August, 2006''. During this promotion, customers would peel a code from a cup and type the code onto their website, with 10,000 selected winners obtaining a USB-stick MP3 player loaded with ten free songs.<ref name=":0" /><ref name=":1" /> Winners who received the ''McDonald's MP3 Player'' would be infected with a [[wikipedia:Trojan_horse_(computing)|Trojan Horse]] called ''QQPass Trojan'' that would affect devices running the popular [[Microsoft Windows|Windows]] versions at the time. ''QQPass Trojan'' worked to first disable the device's antivirus(es), and then if the user was running was {{Wplink|Tencent QQ|QQ Instant Messenger}}, it would capture password information and forward it via e-mail to a malicious third-party.<ref name=":2">{{Cite web |last=deVilla |first=Joey |title=Superspyware Me! |url=https://www.globalnerdy.com/2006/10/16/superspyware-me/ |website=Global Nerdy |date=16 Oct 2006 |access-date=6 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20250806085622/https://www.globalnerdy.com/2006/10/16/superspyware-me/ |archive-date=6 Aug 2025}}</ref><ref name=":3">{{Cite web |last=Stevens |first=Chris |title=McDonalds' free Trojan: "Would you like malware with that?" |url=https://www.cnet.com/tech/mobile/mcdonalds-free-trojan-would-you-like-malware-with-that/ |website=CNet |date=17 Oct 2006 |access-date=6 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20250821060514/https://www.cnet.com/tech/mobile/mcdonalds-free-trojan-would-you-like-malware-with-that/ |archive-date=21 Aug 2025}}</ref><ref name=":4">{{Cite web |last=Leyden |first=John |title=Spyware infection prompts McDonalds MP3 recall |url=https://www.theregister.com/2006/10/16/mcd_spyware_mp3_recall/ |website=The Register |date=16 Oct 2006 |access-date=6 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20260123185302/https://www.theregister.com/2006/10/16/mcd_spyware_mp3_recall/ |archive-date=23 Jan 2026}}</ref>[[File:McDonald's Japan 2006 cup advertisement.png|thumb|alt=McDonald's Japan 2006 Cup Advertisement]]
-==Lawsuit==
-{{Ph-I-L}}
-==Consumer response==
-{{Ph-I-ConR}}
+==Company response==
+On ''7 August 2006'', McDonald's issued a public apology for any consumers infected from the incident. The company offered a web link that removed the malware from computers and allowed winners to return their MP3 players for a free replacement.<ref>{{Cite web |last=Thomson |first=Iain |title=Free malware from McDonalds |url=https://www.itpro.com/95790/free-malware-from-mcdonalds |website=ITpro |date=17 Oct 2006 |access-date=6 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20250710015215/https://www.itpro.com/95790/free-malware-from-mcdonalds |archive-date=10 Jul 2025}}</ref><ref>{{Cite web |author= |title=McDonalds Unwittingly Distributes Contaminated Prizes |url=https://www.spamfighter.com/News-6650-McDonalds-Unwittingly-Distributes-Contaminated-Prizes.htm |website=SPAMfighter |date=26 Oct 2006 |access-date=6 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20260213213750/https://www.spamfighter.com/News-6650-McDonalds-Unwittingly-Distributes-Contaminated-Prizes.htm |archive-date=13 Feb 2026}}</ref>
+<gallery>
+File:McDonald's Japan 2006 webpage using Google Translate.png|McDonald's Japan 2006 Google Translate Page apology and request for MP3 players.
+File:McDonald's Japan Customer Support Page.png|McDonald's Japan Customer Support Page in 2006.
+File:McDonald's Official Statement.png|McDonald's Official Statement regarding 2006 Japan malware incident.
+</gallery>
 ==References==
-{{reflist}}
+{{Reflist}}
-{{Ph-I-C}}
+[[Category:McDonald's]]