Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Vulnerability Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Netbook comes with factory-sealed malware

In a rare occurrence, a brand-new factory-sealed netbook has been found to contain malware, according to researchers at Kaspersky Lab.

The factory-infected device, an M&A Technology Touch netbook, came with trojans on the disk image, found during a routine compatibility test.

“This case shows once again that even brand new products can leave the factory infected,” wrote Roel Schouwenberg, senior anti-virus researcher with Kaspersky Lab, on the company's Viruslist blog. “Safeguarding against infected new devices is particularly difficult.”

The machine seems to have been infected while technicians were installing drivers for the machine, he said.

“Given the dates associated with the files, it was clear that the infection had to occur somewhere in the process of putting these things together, or while installing drivers,” Schouwenberg told SCMagazineUS.com on Tuesday. “So it's logical to assume that a whole batch of these machines is infected.”

The infections found were examples of a common malicious family that tries to steal the online passwords of gamers and to spread to USB devices. The nature of the malware seemed to indicate that it showed up on the computer purely by accident.

“Games are very graphics intensive," Schouwenberg said. "Netbooks are not necessarily the best platforms for games. That means the malware was probably not specifically targeted to these machines.”

Manufacturers should have proper security processes in place, he said. Some makers, for example, actually have metal detectors to be sure that nobody walks into the factory with a USB stick, which they may use to accidentally introduce malware into new hardware.

Individuals at M&A Technology, which makes products for education, government and corporate customers, were informed of the problem, but did not respond publicly other than to say that they would look into it, Schouwenberg said.

A company representative could not immediately be reached for comment.

 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.