In a shocking cybersecurity incident, hackers have successfully infiltrated the official software distribution platform of Endgame Gear, a known gaming peripheral manufacturer. Between June 26 and July 9, 2025, their OP1w 4K V2 mouse configuration tool was compromised and used to spread a dangerous backdoor malware called Xred.
What Happened?
The malware-laced version of the configuration tool was hosted on Endgame Gear’s official product page, making it extremely difficult for users to spot. The breach only came to light after sharp-eyed users in Reddit’s Mouse Review community noticed strange behavior after installing the software. One user, Admirable-Raccoon597, raised the alarm, confirming the download came directly from the vendor’s site, not a third party.
Meet Xred – A Stealthy, Sophisticated Threat
The malware, Xred, is no newcomer. It has been circulating since at least 2019 and is classified as a Remote Access Trojan (RAT). It is capable of:
- Collecting sensitive system info: MAC address, usernames, and machine names.
- Keylogging: Capturing keystrokes, including banking credentials and passwords.
- Persistence: Creating a hidden folder in C:\ProgramData\Synaptics\ and masquerading as trackpad software.
- Spreading via USB: Infecting connected drives and Excel files with malicious macros.
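For defenders triaging a Windows host, the persistence behaviour listed above gives one concrete thing to check. The following PowerShell script is an added example, not code from the article, from Endgame Gear or from any malware analysis of Xred: it looks for the C:\ProgramData\Synaptics folder the article names, reports whether it is hidden, and lists the Authenticode status and SHA-256 of every file inside it so an analyst can tell a genuine trackpad driver install (signed files, visible folder) from the masquerade described. The folder path is the only page-supplied value; the function name, the "hidden or unsigned executable" heuristic and the output layout are this example's assumptions.

```powershell
# Added example: check a Windows host for the persistence indicator described in the article.
# Only the folder path comes from the article; the heuristic below is an assumption.
$IndicatorPath = 'C:\ProgramData\Synaptics'

function Test-SynapticsIndicator {
    param([string]$Path = $IndicatorPath)

    if (-not (Test-Path -LiteralPath $Path)) {
        return [pscustomobject]@{ Path = $Path; Present = $false; Hidden = $false; Suspicious = $false; Files = @() }
    }

    $item = Get-Item -LiteralPath $Path -Force
    # A hidden folder is consistent with the behaviour described; a real driver install
    # normally leaves its ProgramData folder visible.
    $isHidden = ($item.Attributes -band [IO.FileAttributes]::Hidden) -ne 0

    # Enumerate every file (including hidden ones) with its signature status and hash,
    # so the output can be compared against known-good vendor files or shared with IR.
    $files = Get-ChildItem -LiteralPath $Path -Recurse -Force -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -FilePath $_.FullName
            [pscustomobject]@{
                FullName  = $_.FullName
                Hidden    = ($_.Attributes -band [IO.FileAttributes]::Hidden) -ne 0
                SigStatus = $sig.Status
                Signer    = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
                Sha256    = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
            }
        }

    # Heuristic (assumption): a hidden folder, or an executable in it that is not validly
    # signed, is worth escalating; validly signed files from the trackpad vendor are benign.
    $badExe = $files | Where-Object { $_.FullName -match '\.exe$' -and $_.SigStatus -ne 'Valid' }
    $suspicious = $isHidden -or ([bool]$badExe)

    [pscustomobject]@{ Path = $Path; Present = $true; Hidden = $isHidden; Suspicious = [bool]$suspicious; Files = $files }
}

$result = Test-SynapticsIndicator
$result | Select-Object Path, Present, Hidden, Suspicious | Format-List
$result.Files | Format-Table FullName, Hidden, SigStatus, Signer, Sha256 -AutoSize
```

Run it in an elevated PowerShell session so hidden and ACL-protected files are enumerated. A "Suspicious" result is a prompt for further investigation (process, autorun and network review), not a verdict on its own, since legitimate Synaptics software also uses this folder name.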
Xred is not just a passive data thief — it’s a smart, evolving digital threat capable of establishing long-term control over victim systems.
Company Response
Despite the severity of the breach, Endgame Gear quietly replaced the infected files on July 17, without an immediate public alert. In a later statement, they claimed:
“Access to our file servers was not compromised, and no customer data was accessible or affected on our servers at any time.”
However, the lack of early transparency drew criticism. The company has now promised several countermeasures, including:
- Improved malware scanning
- Server-side security reinforcements
- Adding digital signatures to all future software
The Bigger Picture
This incident is a textbook example of a supply chain attack, where trusted software becomes the attacker’s entry point. Gaming communities—often seen as low-risk targets—are now firmly on the radar of cybercriminals due to high user engagement, lower awareness, and weak endpoint protection.
As this breach shows, even trusted downloads from official sites aren’t always safe. Regular users must remain vigilant and follow best cybersecurity practices like enabling 2FA, monitoring software behavior post-installation, and verifying file authenticity when possible.
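The "verifying file authenticity" advice above is easiest to follow with a repeatable check. The PowerShell function below is an added example, not the vendor's tooling: it computes the installer's SHA-256 for comparison with a vendor-published value, checks the Authenticode signature and signer name (the digital signing the company has promised for future releases), and notes whether the file carries a Mark-of-the-Web. The expected hash is a placeholder, the signer substring and the download path are assumptions, and the article supplies no hash for either the clean or the tampered build.

```powershell
# Added example (not Endgame Gear's code): verify a downloaded installer before running it.
# The expected hash is a placeholder; replace it with the value the vendor publishes.
function Test-InstallerAuthenticity {
    param(
        [Parameter(Mandatory)][string]$Path,
        [string]$ExpectedSha256 = '<VENDOR_PUBLISHED_SHA256_PLACEHOLDER>',
        [string]$ExpectedSignerPattern = 'Endgame Gear'   # assumption: substring expected in the signer subject
    )

    if (-not (Test-Path -LiteralPath $Path)) { throw "File not found: $Path" }

    # 1. Hash check. Only meaningful when the vendor publishes the hash somewhere other
    #    than the page serving the download, since a compromised page can carry a matching hash.
    $actualHash  = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    $hashKnown   = $ExpectedSha256 -notlike '<*>'
    $hashMatches = $hashKnown -and ($actualHash -ieq $ExpectedSha256)

    # 2. Authenticode check: the signature must be valid (trusted chain, untampered file)
    #    and the signer must be the vendor, not merely "some" valid certificate.
    $sig = Get-AuthenticodeSignature -FilePath $Path
    $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '(unsigned)' }
    $signatureValid = $sig.Status -eq 'Valid'
    $signerMatches  = $signatureValid -and ($signer -like "*$ExpectedSignerPattern*")

    # 3. Mark-of-the-Web: an internet download on NTFS normally carries a Zone.Identifier
    #    stream. Its absence does not prove tampering, but it means SmartScreen was bypassed.
    $zone = Get-Item -LiteralPath $Path -Stream Zone.Identifier -ErrorAction SilentlyContinue

    [pscustomobject]@{
        Path            = $Path
        Sha256          = $actualHash
        HashPublished   = $hashKnown
        HashMatches     = $hashMatches
        SignatureStatus = $sig.Status
        Signer          = $signer
        SignerMatches   = $signerMatches
        HasMarkOfTheWeb = [bool]$zone
        # Passes if either an out-of-band hash or a valid vendor signature vouches for the file.
        PassesChecks    = $hashMatches -or $signerMatches
    }
}

# Assumed download location; adjust to where the installer was saved.
Test-InstallerAuthenticity -Path "$env:USERPROFILE\Downloads\op1w_4k_v2_config.exe"
```

An unsigned installer with no published hash fails both checks and should be treated as unverifiable rather than safe; that is exactly the situation the article describes, and why vendor code signing matters more than a download coming from the official domain.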