Malware’s in the Supply Line, Says Microsoft

by Jordan Richardson on September 14, 2012

Most people are familiar with computer viruses and malware coming about through the opening of email attachments or visiting weird websites, but new threats may be attacking computers right at the moment users pull them out of the box.

As part of a computer fraud lawsuit initiated by Microsoft against a web domain registered to a Chinese businessman, the company revealed an incident in which a researcher discovered the Nitol virus on a computer in direct-from-factory condition. This means that the malware somehow made its way on to the laptop in the supply chain, a prospect that proves truly frightening.

The incident was revealed after court documents were unsealed Thursday in a Virginia federal court.

Microsoft says that its investigations of the Chinese web domain turned up a hub for Internet virus activity, including the Nitol virus and some 500 other types of malware. It was the largest store of viruses and malware the company ever came across.

According to Microsoft, the supply chain becomes unsecure when a reseller takes in stock from an uncertified source. In its investigation, the company said about 20 percent of the computers from unsecure supply chains turned up with malware already on them.

Microsoft says that less reputable retailers and manufacturers will use counterfeit software in order to construct machines more economically. This increases profit margins, of course, but it also opens the doors to dangerous malware like the aforementioned Nitol virus. In markets that aren’t as regulated, these problems are even more common. With no standards, there are no rules and no reasons not to sell infected computers.

Out of 20 new computers Microsoft tested in China, they found counterfeit versions of its Windows operating system on all of them and viruses already present on four. One of the computers had the Nitol virus, already actively hunting down a computer to connect with. The laptop was made by Hedy.

One of the most dangerous things about the Nitol virus is how quickly it spreads. After a thumb drive was inserted into the effect computer, the virus instantly copied itself. When the thumb drive with the Nitol malware was put into another machine, Nitol replicated itself there too.

At this point, Microsoft is urging everyone along the supply line to be diligent about their products. Distributors, retailers and resellers need to be cautious. A lack of regulatory oversight could open the doors to more of these cases – and not just out of China – so consumers everywhere have to make sure their computers and hardware come from reputable sources.

Did you like this post ? TheTelecomBlog.com publishes daily news, editorial, thoughts, and controversial opinion – you can subscribe by: RSS (click here), or email (click here).

Written by: Jordan Richardson. www.digitcom.ca. Follow TheTelecomBlog.com by: RSSTwitterFacebook, or YouTube.

Previous post:

Next post: