Netbook comes with factory-sealed malware

Share this article:

In a rare occurrence, a brand-new factory-sealed netbook has been found to contain malware, according to researchers at Kaspersky Lab.

The factory-infected device, an M&A Technology Touch netbook, came with trojans on the disk image, found during a routine compatibility test.

“This case shows once again that even brand new products can leave the factory infected,” wrote Roel Schouwenberg, senior anti-virus researcher with Kaspersky Lab, on the company's Viruslist blog. “Safeguarding against infected new devices is particularly difficult.”

The machine seems to have been infected while technicians were installing drivers for the machine, he said.

“Given the dates associated with the files, it was clear that the infection had to occur somewhere in the process of putting these things together, or while installing drivers,” Schouwenberg told SCMagazineUS.com on Tuesday. “So it's logical to assume that a whole batch of these machines is infected.”

The infections found were examples of a common malicious family that tries to steal the online passwords of gamers and to spread to USB devices. The nature of the malware seemed to indicate that it showed up on the computer purely by accident.

“Games are very graphics intensive," Schouwenberg said. "Netbooks are not necessarily the best platforms for games. That means the malware was probably not specifically targeted to these machines.”

Manufacturers should have proper security processes in place, he said. Some makers, for example, actually have metal detectors to be sure that nobody walks into the factory with a USB stick, which they may use to accidentally introduce malware into new hardware.

Individuals at M&A Technology, which makes products for education, government and corporate customers, were informed of the problem, but did not respond publicly other than to say that they would look into it, Schouwenberg said.

A company representative could not immediately be reached for comment.

 

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

ISSA tackles workforce gap with career lifecycle program

ISSA tackles workforce gap with career lifecycle program ...

On Thursday, the group launched its Cybersecurity Career Lifecycle (CSCL) program.

Amplification DDoS attacks most popular, according to Symantec

Amplification DDoS attacks most popular, according to Symantec

The company noted in a whitepaper released on Tuesday that Domain Name Server amplification attacks have increased 183 percent between January and August.

Court shutters NY co. selling security software with "no value"

A federal court shut down Pairsys at the request of the Federal Trade Commission.