Image: Endgame Gear
For me, the biggest difference between a gaming mouse or keyboard and a regular one is the software. Gaming accessories need a lot more customization options, and preferably a tool that lets you change settings automatically for each game. But mouse maker Endgame Gear distributed a little something extra with its mouse software: a remote access trojan.
Upon downloading the official software tool for the OP1w 4K V2 mouse (catchy), directly from Endgames website, some Reddit posters discovered that it was packing a remote access trojan that triggered multiple virus scanners, but notably not Windows Defender. Other Reddit users on the Mouse Review subreddit discovered other Endgame installers with different malware packages, as reported by German security site Igors Lab.
Investigations found that the Endgame site itself had likely been compromised sometime on or after July 2, though clean versions of the relevant mouse software had been replaced by July 17. Endgame Gear has been notably quiet about how malware was posted to its own official download repository. One vague statement on a Discord server after the (apparently correct) file was re-uploaded is all thats been issued so far, with no public-facing messages on either the company website or the Reddit thread where the problems were first discovered.
Endgame customers are, in a word, pissed, and its hard to blame them. Igors Lab and Reddit users note that if the Berlin-based manufacturer (Pro Gamersware GmbH) has discovered a malware infection with access to user data, it could be in violation of the EUs General Data Protection Regulation (GDPR) by withholding full disclosure.
From what I can tell, EndgameGear has not addressed this publicly, which is incredibly irresponsible, says /u/Admirable-Raccoon597, the original poster. The malicious ZIP file was silently replaced with a clean version, which clearly shows they were aware something was wrong.
