Microsoft: malware added to PCs on the production line

Microsoft has admitted it found PCs that were infected with malware somewhere in the supply chain, before they even reached a consumer.

Joe Svetlik Reporter

A study by Microsoft has found that cybercriminals are infecting PCs with malware before they even reach a shop, let alone a paying customer. That's right, the ne'er-do-wells have infiltrated the production line, the BBC reports.

Seriously, what chance do we have?

Apparently the criminals exploited insecure supply chains to install viruses while the PCs were still being built. That sounds like a fancy way of saying they sneaked into the factory, but a Microsoft spokesperson confirmed to me that "the malware is loaded after the product is shipped by the original equipment manufacturer to a distributor, transporter, or reseller".

Microsoft's sleuths discovered the viruses when they bought 10 desktops and 10 laptops in China. Four of the 20 PCs were infected with malware even though they were fresh off the shelves.

One of the viruses is called Nitol (isn't that a sleeping aid?) and pilfers personal details to let the bad guys access your online bank account. As soon as your Nitol-infected computer is switched on, it tries to contact the system set up to half-inch your details. Worse, in some cases the bad guys can actually see inside your home.

"We found malware capable of remotely turning on an infected computer's microphone and video camera, potentially giving a cybercriminal eyes and ears into a victim's home or business," said Richard Boscovich, a lawyer in Microsoft's digital crimes unit, in a blog post. Worrying.

Microsoft has been granted permission by a US court to seize control of the web domain 3322.org, which it claims is involved with Nitol. But Peng Yong, owner of the domain, claimed he knew nothing about Microsoft's actions.

"Our policy unequivocally opposes the use of any of our domain names for malicious purposes," he told a news agency. But he added that, because of the huge number of users, he couldn't rule out some illegal activity.

Honestly, you change your passwords, only download from legal sites, and take all other manner of actions to stay safe online, only to find your PC was infected from the get-go. What can you do?

Let me know your thoughts below or on Facebook.

Update 18 September: Clarified at which stage the malware was added.