Many New PCs in China Come With Malware Preinstalled

Microsoft revealed this finding in a new whitepaper and attributes the high rate of infections of PCs to a shaky supply chain structure that does not prevent the presence of counterfeit products. To lower the cost of a new PC, potentially compromised products are sometimes knowingly accepted. It does not take much to see that this scenario is a goldmine for malware makers and allows the malware business to flourish.

In its whitepaper Microsoft said that in some instances malware strains were contacting a known malware hosting source, 3322.org, and added infected PCs to the Nitol DDoS botnet. There were "500 different strains of malware hosted on more than 70,000 subdomains," Microsoft said.

Following its discovery, Microsoft acquired control of the domain via a court order on September 10. In addition to Nitol, Microsoft said that it also found malware "capable of remotely turning on an infected computer’s microphone and video camera, potentially giving a cybercriminal eyes and ears into a victim’s home or business", as well as malware "that records a person’s every key stroke, allowing cybercriminals to steal a victim’s personal information."

Microsoft said that its recent actions will "reduce the impact of the menacing and disturbing threats associated with Nitol and the 3322.org domain". However, they do nothing to change how malware finds its way into the supply chain in the first place. This case is clearly limited to China, but given the increasing concern about counterfeit products, it may be a smart, common-sense move to run an anti-malware scan on your next new PC when you turn it on for the first time. Just in case.

 

23 comments
    Top Comments
  • waynewarrior78
    The first thing I have to do (and I imagine most people on this site) when I buy a new laptop or phone is completely reformat and install the OS due to the incredible amount of bull crap they install on it for you. My ASUS laptop and Skyrocket phone were useless day 1, awesome day 2 :D
    24
  • Pennanen
    waynewarrior78 wrote: "The first thing I have to do (and I imagine most people on this site) when I buy a new laptop or phone is completely reformat and install the OS due to the incredible amount of bull crap they install on it for you. My ASUS laptop and Skyrocket phone were useless day 1, awesome day 2"

    Funny thing, all the bloatware that prebuilt PCs and laptops have makes the PC slower than if it was infected.
    17
  • mavroxur
    HP/Compaq have been doing this since the 90's
    13
  • Other Comments
  • rantoc
    Blocking the whole .cn IP range seems more and more like a clever move!
    1
  • stingstang
    Anyone else for cutting China off the internet?
    8