Important Security Update Regarding the OP1w 4k v2 Configuration Tool

Dear Endgame Gear Customers,

we are issuing this statement to inform you of an isolated security incident involving a malware-infected version of our Configuration Tool for the OP1w 4k v2 mouse. This compromised file was distributed unnoticed via the OP1w 4k v2 product page on our brand store between June 26th to July 9th on this domain only: www.endgamegear.com/gaming-mice/op1w-4k-v2.

What happened: During the period of June 26th to July 9th, a version of the Configuration Tool for the Endgame Gear OP1w 4k v2 wireless mouse, available for download on the OP1w 4k v2 product page, was found to contain malware. We have since removed the infected file.

Please note: This issue was isolated to the OP1w 4k v2 product page download only. All other official sources for our software and firmware, including our main Downloads page (www.endgamegear.com/downloads), our GitHub repository (github.com/EndgameGear), and our Discord channel, were not affected and contained clean files. No other v2 products or their configuration tools were impacted.

We became aware of this situation involving one of our product pages through online discussions. Following this, we initiated an internal review to better understand the circumstances and address any potential issues. A clean version of the affected file was immediately published as soon as we identified the situation.

Importantly, access to our file servers was not compromised, and no customer data was accessible or affected on our servers at any time.

As an immediate response, we thoroughly checked all our hosted software and firmware files for malware, confirming no other files were infected. While our investigation into the exact point of compromise is ongoing, we have already implemented, and continue to implement, several significant security enhancements:

• Implementation of additional malware scans for all files both before and after upload to our servers (done)
• Reinforcing anti-malware protections on our hosting servers (done)
• Discontinuing product page-specific downloads and centralizing all software downloads to our main Downloads page (ongoing)
• Adding integrity verification: Providing SHA hashes for all downloads to allow users to verify file integrity (ongoing)
• Adding digital signatures to all our software files to confirm authenticity (planned to be implemented ASAP)

We sincerely regret this incident and deeply apologize for any concern or inconvenience it may have caused. For Endgame Gear, the security and trust of our customers are paramount. We are fully committed to continuously improving our security protocols to prevent such events from occurring again.

Recommended actions for affected users:

If you downloaded the Configuration Tool for your OP1w 4k v2 from the product page on our brand store between June 26th and July 9th, we strongly recommend the following steps:

Identify potentially infected files:

• File Size Check: Compare the file size of your "Endgame Gear OP1w 4k v2 Configuration Tool v1.00.exe". A clean unzipped file is approximately 2.3MB (zipped: ~1.1MB). The infected unzipped file is approximately 2.8MB (zipped: ~1.4MB).
• File Details Check: Right-click on the file in Windows Explorer, select "Properties," and navigate to the "Details" tab. Infected files will display "Synaptics Pointing Device Driver" as the "Product name," while clean files will display "Endgame Gear OP1w 4k v2 Configuration Tool".

Remove the infected file and associated malware:

• Immediately delete the downloaded file if it matches the characteristics of an infected file or if you are in any doubt.
• Check for the presence of the folder "C:\ProgramData\Synaptics" (after enabling hidden files in Windows Explorer via "View" -> "Show" -> enable "Hidden items"). If this folder exists, delete it and its entire contents.
• Perform System Scan: Run a full system scan with reputable antivirus software to ensure your system is clean.

Download the clean version of the OP1w 4k v2 Configuration Tool from our official Downloads page: www.endgamegear.com/downloads.

If you have further questions or are uncertain of what to do, please contact us at [email protected].

We appreciate your understanding and continued support as we work to strengthen our security measures.

Sincerely,

The Endgame Gear Team