Microsoft admits millions of computers could be infected with malware before they're even out of the box - News - Gadgets and Tech - The Independent

Microsoft admits millions of computers could be infected with malware before they're even out of the box

 

Hackers have uploaded viruses which can help them steal people's personal data on to millions of PCs and laptops before they are even taken out of the box, Microsoft has admitted.

The company said it found malware which allows would-be criminals to remotely switch on and control cameras and microphones, among other devices, on machines which were still factory sealed. The software is loaded with counterfeit copies of Microsoft Windows, the company said.

“Cybercriminals have made it clear that anyone with a computer could become an unwitting mule for malware,” wrote Microsoft's assistant general counsel for its Digital Crimes Unit, Richard Domingues Boscovich.

On the company's blog, he added: “Malware allows criminals to steal a person's personal information to access and abuse their online services, including e-mail, social networking accounts and online bank accounts. Examples of this abuse include malware sending fake e-mails and social media posts to a victim's family, friends and co-workers to scam them out of money, sell them dangerous counterfeit drugs, and infect their computers with malware.”

Boscovich said the counterfeit software could enter the supply chain “at any point” because a machine normally passes through the stock rooms of numerous companies between the Microsoft factory and the consumer's living room. Any of these could potentially - unwittingly or otherwise - load counterfeited software on to the computer.

He added: “So how can someone know if they're buying from an unsecure supply chain? One sign is a deal that appears too good to be true. However, sometimes people just can't tell, making the exploitation of a broken supply chain an especially dangerous vehicle for infecting people with malware.”

The company launched a two-pronged attack on the developing Nitol botnet - a method of controlling many computers using only one. Microsoft's plan of legal action and technical disruption, codenamed “Operation b70”, found that “20 per cent of the PCs researchers bought from an unsecure supply chain were infected with malware”.

Boscovich wrote: “Our research into Nitol uncovered that the botnet was being hosted on a domain linked to malicious activity since 2008. This study also revealed that in addition to hosting b70, 3322.org contained a staggering 500 different strains of malware hosted on more than 70,000 sub-domains.

“We found malware capable of remotely turning on an infected computer's microphone and video camera, potentially giving a cybercriminal eyes and ears into a victim's home or business. Additionally, we found malware that records a person's every key stroke, allowing cybercriminals to steal a victim's personal information.

“The Nitol botnet malware itself carries out distributed denial of service (DDoS) attacks that are able to cripple large networks by overloading them with Internet traffic, and creates hidden access points on the victim's computer to allow even more malware - or anything else for that matter - to be loaded on to an infected computer.”

In the post, he also wrote that the malware was capable of transmitting to other computers via USB flash drives, meaning it would spread fast through a family or work place. Microsoft has now been given permission by a US court to shut down the domain behind the scheme.

According to PC Advisor, Boscovich revealed that Microsoft bought computers from “PC malls” in various Chinese cities, all of which had counterfeit copies of Windows XP or Windows 7 installed. Of the twenty purchased, three had inactive malware and one had live malware, called “Nitol.A,” that awoke when the computer connected to the Internet.

The problem is not thought to affect Western physical supply chains but the malware could be transmitted if users download infected software.

News
John Travolta is a qualified airline captain and employed the pilot with his company, Alto
people'That was the lowest I’d ever felt'
Life and Style
healthIt isn’t greasy. It doesn’t smell. And moreover, it costs nothing
News
peopleThe report and photo dedicated to the actress’s decolletage has, unsurprisingly, provoked anger
Property
Home body: Badger stays safe indoors
property
PROMOTED VIDEO
Life and Style
ebooksA superb mix of recipes serving up the freshest of local produce in a delicious range of styles
Life and Style
ebooksFrom the lifespan of a slug to the distance to the Sun: answers to 500 questions from readers
News
The programme sees four specialists creating what they believe are three perfect couples, based on scientific matchmaking. The couples will not meet until they walk down the aisle together
tvUK wedding show jilted
Arts and Entertainment
US pop diva Jennifer Lopez sang “Happy Birthday” to Gurbanguly Berdimuhamedow, president of Turkmenistan
musicCorporate gigs become key source of musicians' income
Arts and Entertainment
You've been framed: Henri Matisse's colourful cut-outs at Tate Modern
artWhat makes a smash-hit art show
Arts and Entertainment
While many films were released, few managed to match the success of James Bond blockbuster 'Skyfall'
filmsDaniel Craig believed to be donning skis as 007 for first time
Sport
Mikel Arteta pictured during Borussia Dortmund vs Arsenal
champions league
Voices
Yes supporters gather outside the Usher Hall, which is hosting a Night for Scotland in Edinburgh
voicesBen Judah: Is there a third option for England and Scotland that keeps everyone happy?
Arts and Entertainment
Pulp-fiction lover: Jarvis Cocker
booksJarvis Cocker on Richard Brautigan
Arts and Entertainment
Robin Thicke and Pharell Williams in the video of the song, which has been accused of justifying rape
music...and he had 'almost no part' in writing it
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    Senior QA Engineer - Agile, SCRUM

    £35000 - £50000 per annum + benefits: Ashdown Group: Senior QA Engineer (Agil...

    Retail Business Analyst - Retail-J

    £40000 - £50000 Per Annum: Clearwater People Solutions Ltd: Our retail client ...

    Programme Test Manager

    £400 Per Day: Clearwater People Solutions Ltd: Our client are currently seekin...

    Project Manager with some Agile experience

    £45000 Per Annum: Clearwater People Solutions Ltd: Our client based in Chelmsf...

    Day In a Page

    Mystery of the Ground Zero wedding photo

    A shot in the dark

    Mystery of the wedding photo from Ground Zero
    His life, the universe and everything

    His life, the universe and everything

    New biography sheds light on comic genius of Douglas Adams
    Save us from small screen superheroes

    Save us from small screen superheroes

    Shows like Agents of S.H.I.E.L.D are little more than marketing tools
    Reach for the skies

    Reach for the skies

    From pools to football pitches, rooftop living is looking up
    These are the 12 best hotel spas in the UK

    12 best hotel spas in the UK

    Some hotels go all out on facilities; others stand out for the sheer quality of treatments
    These Iranian-controlled Shia militias used to specialise in killing American soldiers. Now they are fighting Isis, backed up by US airstrikes

    Widespread fear of Isis is producing strange bedfellows

    Iranian-controlled Shia militias that used to kill American soldiers are now fighting Isis, helped by US airstrikes
    Topshop goes part Athena poster, part last spring Prada

    Topshop goes part Athena poster, part last spring Prada

    Shoppers don't come to Topshop for the unique
    How to make a Lego masterpiece

    How to make a Lego masterpiece

    Toy breaks out of the nursery and heads for the gallery
    Meet the ‘Endies’ – city dwellers who are too poor to have fun

    Meet the ‘Endies’ – city dwellers who are too poor to have fun

    Urbanites are cursed with an acronym pointing to Employed but No Disposable Income or Savings
    Paisley’s decision to make peace with IRA enemies might remind the Arabs of Sadat

    Ian Paisley’s decision to make peace with his IRA enemies

    His Save Ulster from Sodomy campaign would surely have been supported by many a Sunni imam
    'She was a singer, a superstar, an addict, but to me, her mother, she is simply Amy'

    'She was a singer, a superstar, an addict, but to me, her mother, she is simply Amy'

    Exclusive extract from Janis Winehouse's poignant new memoir
    Is this the role to win Cumberbatch an Oscar?

    Is this the role to win Cumberbatch an Oscar?

    The Imitation Game, film review
    England and Roy Hodgson take a joint step towards redemption in Basel

    England and Hodgson take a joint step towards redemption

    Welbeck double puts England on the road to Euro 2016
    Relatives fight over Vivian Maier’s rare photos

    Relatives fight over Vivian Maier’s rare photos

    Pictures removed from public view as courts decide ownership
    ‘Fashion has to be fun. It’s a big business, not a cure for cancer’

    ‘Fashion has to be fun. It’s a big business, not a cure for cancer’

    Donatella Versace at New York Fashion Week