Malware Infects PCs Even Before They Reach Retail Shops, Says Microsoft Study (VIDEO)
By Valli Meenakshi Ramanathan | September 16, 2012 8:22 PM EST
A new study conducted by Microsoft dubbed Operation b70, from August 2011, shows that several computers carry counterfeit software embedded with malware, BBC News reported. Apparently, the malware is introduced after the computer is shipped by the manufacturers either by transporters, distributors, or resellers even before they go up for sale in retail shops.
As part of efforts to determine security in its supply chain, the company undertook a study, when its employees brought 10 laptops and 10 desktops from stores located at various cities in China. The new laptops and desktops were found to contain malware and specifically a botnet by name Nitol that resulted in a court order giving the company permission to adopt technical measures to disrupt the botnet.
"We went into what they call PC malls," Richard Boscovich, assistant general counsel for Microsoft Digital Crimes Unit, told CNET in an interview: "We wanted to get a sampling of what an average consumer in China would get. We were surprised how quickly we were able to find something to back up the suspicion."
Apparently, Nitol steals personal details to help criminals break into online bank accounts.
A blog post by the company noted how it disrupted over 500 different strains of malware that held potential for attacking millions of PC users. This is the second successful botnet disruption the company has undertaken in the last six months that has significantly limited the spread of Nitol botnet.
"What's especially disturbing is that the counterfeit software embedded with malware could have entered the chain at any point as a computer travels among companies that transport and resell the computer," the company added in its blog post.
Also, investigations revealed that the botnet behind Nitol originated from a Web domain that was involved in cybercrime since 2008. Further, the domain hosted 70,000 separate sub-domains used by 500 separate strains of malware to fool victims or steal data.
"We found malware capable of remotely turning on an infected computer's microphone and video camera, potentially giving a cybercriminal eyes and ears into a victim's home or business," the blog post pointed out.
Reportedly, a U.S. court granted permission to Microsoft Sept.10, to seize control of the Web domain, 3322.org, which it identifies as involved in Nitol infections. This enables separation of legitimate data and blocking stolen traffic by viruses.
Peng Yong, the Chinese owner of the 3322.org domain, told the Associated Press that he knew nothing about Microsoft's legal action and assured that his company engaged in a "zero tolerance" attitude toward illegal activity on the domain.
"Our policy unequivocally opposes the use of any of our domain names for malicious purposes," Peng told the AP.
"We currently have 2.85 million domain names and cannot exclude that individual users might be using domain names for malicious purposes," he added.
To contact the editor, e-mail:
Most Popular Slideshows
- Flight MH17 Attack: Russians Claim 'Putin A Terrorist,' Memorial at Dutch Embassy Overflows [PHOTOS]
- Typhoon Rammasun Claims 18 Lives in China, Incurs $4.32B Losses (PHOTOS)
- Ellen DeGeneres Caught Cheating with Mutual Friend Before Portia de Rossi’s Rehab – Reports [PHOTOS]
- Malaysia Airlines MH17: Vital Black Boxes Finally Land in Hands of Malaysian Authorities, Rebels Announce Ceasefire (PHOTOS/VIDEOS)
Join the Conversation
- California Fruits Recalled in USA and Canada for Possible Listeria Contamination
- Malaysian Airlines Flight 17: Air Carrier Losing $1.6 Million/Day; Crisis Management Experts Suggest Hiring Risk Expert as CEO
- The IBM and Apple Merger: Will it Spell Trouble to Rival Companies
- CBA, NAB, Westpac in Fixed Rate War Offering Below 5% Interest
- Radio Australia Cuts to Affect Isolated Vanuatu Residents Who Rely on It for Weather Bulletins
- Samsung Galaxy Note 4 Apps Leak Online, Five Fresh Features to Expect from the Android Smartphone
- Moto 360 Price Speculations, Key Features, Strategic Release Date, Design: A Watch That is More Than Just Time
- Windows Phone 8.1 Update Rollout: 20 Nokia Lumia Phones Eligible and 13 New Features to be Added
- Three New Moto G Successors Spotted in FCC Document Dubbed Moto G2, Moto M and More --Reports
- iPad Air 2 Release Date Will Skip IGZO Panel; To Rollout with Super-Slim iPad Mini Air
- Upcoming iPad Mini 3 Could be 30% Thinner and Likely be Called iPad Mini Air; Apple Q3 Results Show 9% Decrease in iPad Sales
- Sony Xperia M2 vs. Moto G – Specifications, Features and Price Showdown