General discussion

Microsoft Does Hit On China

Microsoft warns China PC's coming in new with malware already installed.

Microsoft (MSFT) has discovered new computers in China are coming preinstalled with software that is embedded with malware, the company said on its company blog.
The tech giant claims it discovered that retailers in China were
selling computers that were installed with counterfeit Windows software,
and the fake software was corrupted with malware.

Discussion is locked

Follow
Reply to: Microsoft Does Hit On China
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: Microsoft Does Hit On China
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments
- Collapse -
more
Resellers infected

"Microsoft says that a supply chain becomes
unsecure when reseller accepts stock from an untrustworthy source. After
launching an investigation into these unsecure supply chains, Microsoft
determined that it was being hosted at 3322.org, which contained a
"staggering 500 different strains of malware hosted on more than 70,000
sub-domains." The company obtained an ex parte temporary restraining
that allows it to take control of 3322.org, thus stopping the spread of
Nitol from it and its sub-domains.
In a write-up on the Microsoft Blog,
the company says that 20% of the PCs purchased from an unsecure supply
chain during its investigation were infected with malware, which
obviously isn't good. Nitol is capable of spreading to other machines
and devices through things like USB flash drives, making the problem
even more severe. Once you've been infected, all kinds of nasty things
can happen to your computer,
from the malware distributors remotely activating your webcams and
microphones to listen in on what you're doing, to logging all of your
keystrokes and netting your personal information without you ever
knowing your security has been breached."


3322.org now under Microsoft control.

"Microsoft's digital crimes unit has put the clamps on yet another massive botnet.
This time, the company has taken over the command and control domain
for the emerging Nitol, 3322.org. It wasn't alone on the domain, either:
in total, there were more than 500 different malware strains found
linked to some 70,000 subdomains. With a court order in hand, Microsoft
was able to wrestle DNS control from Chinese businessman Peng Yong and
his company. Going forward, traffic to and from the domain will be
filtered to ensure that unsuspecting end users aren't victimized by
Nitol or one of the other malware strains found on 3322.org.
While this takedown isn't on the same scale as Microsoft's previous actions
against Waledac, Kelihos, or Rustock, there is something unique about
Nitol. This time around, Microsoft was alerted to the problem when some
of its security operatives were investigating unsecured supply chains
and counterfeit Windows installations in China. Microsoft's
investigators found that 20% of the systems they purchased as part of
their supply chain research came with some unwanted baggage — and it
wasn't just HP or Toshiba-style software bloat. Nope, it was full-blown
malware, capable of redirecting DNS requests, sending spam, and
propogating itself via USB flash drives and local area networks."
- Collapse -
Thanks, James, a really great post, and one that should

worry us all. I was all set to take my HP laptop in to a local Vietnamese retailer, and now I'm worried, and will probably have to take it to the Chain where I bought it, (Staples Business Depot) and pay a premium to have them sort out the Computer.

Rob

CNET Forums

Forum Info