Microsoft admits millions of computers could be infected with malware before they're even out of the box

 

Hackers have uploaded viruses which can help them steal people's personal data on to millions of PCs and laptops before they are even taken out of the box, Microsoft has admitted.

The company said it found malware which allows would-be criminals to remotely switch on and control cameras and microphones, among other devices, on machines which were still factory sealed. The software is loaded with counterfeit copies of Microsoft Windows, the company said.

“Cybercriminals have made it clear that anyone with a computer could become an unwitting mule for malware,” wrote Microsoft's assistant general counsel for its Digital Crimes Unit, Richard Domingues Boscovich.

On the company's blog, he added: “Malware allows criminals to steal a person's personal information to access and abuse their online services, including e-mail, social networking accounts and online bank accounts. Examples of this abuse include malware sending fake e-mails and social media posts to a victim's family, friends and co-workers to scam them out of money, sell them dangerous counterfeit drugs, and infect their computers with malware.”

Boscovich said the counterfeit software could enter the supply chain “at any point” because a machine normally passes through the stock rooms of numerous companies between the Microsoft factory and the consumer's living room. Any of these could potentially - unwittingly or otherwise - load counterfeited software on to the computer.

He added: “So how can someone know if they're buying from an unsecure supply chain? One sign is a deal that appears too good to be true. However, sometimes people just can't tell, making the exploitation of a broken supply chain an especially dangerous vehicle for infecting people with malware.”

The company launched a two-pronged attack on the developing Nitol botnet - a method of controlling many computers using only one. Microsoft's plan of legal action and technical disruption, codenamed “Operation b70”, found that “20 per cent of the PCs researchers bought from an unsecure supply chain were infected with malware”.

Boscovich wrote: “Our research into Nitol uncovered that the botnet was being hosted on a domain linked to malicious activity since 2008. This study also revealed that in addition to hosting b70, 3322.org contained a staggering 500 different strains of malware hosted on more than 70,000 sub-domains.

“We found malware capable of remotely turning on an infected computer's microphone and video camera, potentially giving a cybercriminal eyes and ears into a victim's home or business. Additionally, we found malware that records a person's every key stroke, allowing cybercriminals to steal a victim's personal information.

“The Nitol botnet malware itself carries out distributed denial of service (DDoS) attacks that are able to cripple large networks by overloading them with Internet traffic, and creates hidden access points on the victim's computer to allow even more malware - or anything else for that matter - to be loaded on to an infected computer.”

In the post, he also wrote that the malware was capable of transmitting to other computers via USB flash drives, meaning it would spread fast through a family or work place. Microsoft has now been given permission by a US court to shut down the domain behind the scheme.

According to PC Advisor, Boscovich revealed that Microsoft bought computers from “PC malls” in various Chinese cities, all of which had counterfeit copies of Windows XP or Windows 7 installed. Of the twenty purchased, three had inactive malware and one had live malware, called “Nitol.A,” that awoke when the computer connected to the Internet.

The problem is not thought to affect Western physical supply chains but the malware could be transmitted if users download infected software.

News
Howard Marks who has been diagnosed with inoperable cancer aged 69
people
Arts and Entertainment
Benedict Cumberbatch has spoken about the lack of opportunities for black British actors in the UK
film
Voices
Winston Churchill, then prime minister, outside No 10 in June 1943
voicesA C Benson called him 'a horrid little fellow', George Orwell would have shot him, but what a giant he seems now, says DJ Taylor
News
Rowan Atkinson at the wheel of his McLaren F1 GTR sports car
people
PROMOTED VIDEO
Life and Style
ebookNow available in paperback
ebooks
ebookPart of The Independent’s new eBook series The Great Composers
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    Ashdown Group: Systems Analyst - Tunbridge Wells - £30,000

    £25000 - £30000 per annum: Ashdown Group: Junior Test Analyst/Systems Administ...

    Recruitment Genius: Software Developer - .NET, C#

    £40000 - £65000 per annum: Recruitment Genius: A Global Real Estate Software P...

    Recruitment Genius: Drupal / PHP Developer

    Negotiable: Recruitment Genius: This is an exciting opportunity for a talented...

    Recruitment Genius: IT Technical Support Engineer

    £17000 - £26000 per annum: Recruitment Genius: Due to continuing growth, recru...

    Day In a Page

    Iraq invasion 2003: The bloody warnings six wise men gave to Tony Blair as he prepared to launch poorly planned campaign

    What the six wise men told Tony Blair

    Months before the invasion of Iraq in 2003, experts sought to warn the PM about his plans. Here, four of them recall that day
    25 years of The Independent on Sunday: The stories, the writers and the changes over the last quarter of a century

    25 years of The Independent on Sunday

    The stories, the writers and the changes over the last quarter of a century
    Homeless Veterans appeal: 'Really caring is a dangerous emotion in this kind of work'

    Homeless Veterans appeal

    As head of The Soldiers' Charity, Martin Rutledge has to temper compassion with realism. He tells Chris Green how his Army career prepared him
    Wu-Tang Clan and The Sexual Objects offer fans a chance to own the only copies of their latest albums

    Smash hit go under the hammer

    It's nice to pick up a new record once in a while, but the purchasers of two latest releases can go a step further - by buying the only copy
    Geeks who rocked the world: Documentary looks back at origins of the computer-games industry

    The geeks who rocked the world

    A new documentary looks back at origins of the computer-games industry
    Belle & Sebastian interview: Stuart Murdoch reveals how the band is taking a new direction

    Belle & Sebastian is taking a new direction

    Twenty years ago, Belle & Sebastian was a fey indie band from Glasgow. It still is – except today, as prime mover Stuart Murdoch admits, it has a global cult following, from Hollywood to South Korea
    America: Land of the free, home of the political dynasty

    America: Land of the free, home of the political dynasty

    These days in the US things are pretty much stuck where they are, both in politics and society at large, says Rupert Cornwell
    A graphic history of US civil rights – in comic book form

    A graphic history of US civil rights – in comic book form

    A veteran of the Fifties campaigns is inspiring a new generation of activists
    Winston Churchill: the enigma of a British hero

    Winston Churchill: the enigma of a British hero

    A C Benson called him 'a horrid little fellow', George Orwell would have shot him, but what a giant he seems now, says DJ Taylor
    Growing mussels: Precious freshwater shellfish are thriving in a unique green project

    Growing mussels

    Precious freshwater shellfish are thriving in a unique green project
    Diana Krall: The jazz singer on being friends with Elton John, outer space and skiing in Dubai

    Diana Krall interview

    The jazz singer on being friends with Elton John, outer space and skiing in Dubai
    Pinstriped for action: A glimpse of what the very rich man will be wearing this winter

    Pinstriped for action

    A glimpse of what the very rich man will be wearing this winter
    Russell T Davies & Ben Cook: 'Our friendship flourished online. You can share some very revelatory moments at four in the morning…'

    Russell T Davies & Ben Cook: How we met

    'Our friendship flourished online. You can share some very revelatory moments at four in the morning…'
    Bill Granger recipes: Our chef serves up his favourite Japanese dishes

    Bill Granger's Japanese recipes

    Stock up on mirin, soy and miso and you have the makings of everyday Japanese cuisine
    Michael Calvin: How we need more Eric Cantonas to knock some sense into us

    Michael Calvin's Last Word

    How we need more Eric Cantonas to knock some sense into us