A Microsoft investigation has discovered that malware is being installed by criminals on to brand new machines in China, before they even leave the factory. It also found that in most cases, the PCs were shipping with counterfeit versions of Windows.
While some might roll their eyes at this story, expecting nothing less from Chinese manufacturing, it’s shows an impressively deceptive way for criminals to get their nefarious software onto a user’s machine without them knowing. How many people will run a virus scan on a brand new PC?
In all, investigators bought 20 new computers to test for malware and found instances of it on four of them. All of them however came with forged versions of Windows, which suggests how these machines are getting infected in the first place. To save money, the PC manufacturers are using counterfeit copies of Windows, often meaning regular updates become difficult or may even contain malware in the original install itself. The most malicous bit of software found during the investigation was the Nitol virus, which connected the brand new PCs to a botnet as soon as they were connected online.
However it’s not just a threat of having your new system used as part of a DDOS attack or spam network, but some trojans even allowed hackers to control the PC’s microphone and webcam, threatening a user’s privacy.
“When people buy a new PC, they often expect that machine to be secure out of the box. The fact that malware is being inserted at such an early stage in the product lifecycle turns this on its head and unfortunately means that no matter how discerning a user is online, their caution becomes irrelevant if that PC is already tainted,” said director of Europe at security firm FireEye (via The Guardian).
These details have been been revealed as part of a court case Microsoft is initiating against a Chinese businessman, Peng Yong, who the software firm claims is responsible for much of the malware, since his company operates a domain that acts as a hub for more than 500 different viruses and spyware programs.
KitGuru Says: This story certainly chalks one up for the do-it-yourself builders out there. Obviously very few of our members here are about to buy a PC from China, but does this make you wary about where you do buy your system from?