September 14, 2012

UPDATED: Malware preloaded in PCs during production: study

Microsoft finds malware already installed on PCs off production line

By CBR Staff Writer

Several new computers were found to be preloaded with malware during production, according to a new study by Microsoft.

According to the study, the Nitol malware steals personal information to help criminals rob online bank accounts.

The Microsoft study also revealed that the malicious programme had taken advantage of insecure supply chains, which allowed malware to be installed during the development of PCs.

The company found the malware after its digital crime investigators purchased 20 PCs, made up of 10 desktops and 10 laptops, from different Chinese cities.

Microsoft revealed that it had found four of those PCs infected with malware on production lines.

The investigation also revealed that the botnet behind Nitol was being operated from a web domain which has been involved in cybercrime since 2008.

Microsoft’s digital crimes unit lawyer Richard Boscovich said: "We found malware capable of remotely turning on an infected computer’s microphone and video camera, potentially giving a cybercriminal eyes and ears into a victim’s home or business."

The company has obtained a US court order allowing it to deal with the network of hijacked computers infected with the Nitol virus, which involves the web domain 3322.org.

The Chinese owner of the 3322.org domain was quoted by AP as saying that he knew nothing about Microsoft’s legal action and said his company had a "zero tolerance" attitude towards illegal activity on the domain.

"Our policy unequivocally opposes the use of any of our domain names for malicious purposes," he said.

UPDATE: Microsoft has clarified some of the findings of this study and confirmed that the malware was not installed at factories. A full update is available here.
