Chinese-made laptops’ latest feature: Pre-installed viruses

[Hillbilly Jim]

By the time you switch on your fresh-out-of-the-box laptop for the first time, it may already be infected with dangerous malware that can either harm you or turn your computer into a pawn in a criminal cyberwar.

This accidental discovery was made by Microsoft’s digital crimes unit during an investigation into Chinese computer manufacturers, many of whom are illegally installing its Windows operating system onto their hardware.

"The cybercriminals are really changing the ways they try to attack you," Richard Boscovich, a former federal prosecutor and a senior attorney in Microsoft's digital crimes unit wrote in the company’s blog.

After Microsoft engineers purchased and tested local laptops, they discovered that 20 percent of them had become infected with viruses or malware at some point between leaving the assembly line and the date of purchase.

"We found malware capable of remotely turning on an infected computer's microphone and video camera, potentially giving a cybercriminal eyes and ears into a victim's home or business," Boscovich said. "Additionally, we found malware that records a person's every keystroke, allowing cybercriminals to steal a victim's personal information.”

Microsoft security officers found that most of the infected computers contained a powerful and malicious software program called Nitol. The malware apparently originated from a notorious server called 3322.org, which in 2009 was reported to be responsible for nearly a fifth of the world’s illegal transactions.

The US software giant filed a lawsuit with a Virginia District Court to block the server. The judge ruled in Microsoft’s favor earlier this week.

Server owner Peng Yong, the defendant in the trial, claimed that he had no knowledge of Microsoft’s findings and denied any responsibility.

"Our policy unequivocally opposes the use of any of our domain names for malicious purposes," Peng told the AP news agency.

In the first few days after the legal rulings, Microsoft says that it has already blocked some 37 million malware connections to 3322.org.

But as one source of malware is snuffed out, another is likely to grow in its place.

Microsoft said that no computer can be guaranteed to be virus-free as long as “unsecure supply chains” continue to exist in China. The country teems with lightly regulated electronics manufacturers, offering plenty of opportunities for fraud. And for the ordinary customer, finding out whether a hacker laid hands on your laptop after leaving the factory can be a tricky task.

"So how can someone know if they're buying from an unsecure supply chain? One sign is a deal that appears too good to be true. However, sometimes people just can't tell, making the exploitation of a broken supply chain an especially dangerous vehicle for infecting people with malware,” Boscovich said.