Asus admits Eee Box mini PC shipped with virus

Gary · Oct 14, 2008, 09:15:49

Seems Asus's nice little Eee Box min shipped with a virus in its D drive partition in Japan and maybe other areas, what gets me is how on earth did this happen?

"According to Symantec, the malware is likely to be the W32/Usbalex worm, which creates an autorun.inf file to trigger recycled.exe from D"

This trend in new hardware having malware from new is very worrying, and still shocks me.

Full story here

Rik · Oct 14, 2008, 09:17:26

It's good to know you can buy with confidence, isn't it.

Gary · Oct 14, 2008, 09:24:09

Quote from: Rik on Oct 14, 2008, 09:17:26
It's good to know you can buy with confidence, isn't it.

Its shocking Rik, how on earth does this happen? I can only thing organised crime has operatives in these places and are letting things slip in and through for their own gains

Rik · Oct 14, 2008, 09:29:51

Who knows, Gary. I tend to subscribe more the the 'sheer bloody carelessness' theory - manufacturers are cutting corners to save pennies.

Gary · Oct 14, 2008, 09:38:15

Quote from: Rik on Oct 14, 2008, 09:29:51
Who knows, Gary. I tend to subscribe more the the 'sheer bloody carelessness' theory - manufacturers are cutting corners to save pennies.

Very True but the malware has to get on the drives somehow during manufacture? I suppose carelessness and using already infected components could be an issue, I mean an image on each pc with a virus on it would do it, but what about those virgin HDD that were infected?

Rik · Oct 14, 2008, 09:44:31

No HD is ever virgin though, is it. During testing, data has been written and read. How it comes to have a virus amongst it, and how that's left and not deep wiped, though, defeats me.

Gary · Oct 14, 2008, 09:59:29

Quote from: Rik on Oct 14, 2008, 09:44:31
No HD is ever virgin though, is it. During testing, data has been written and read. How it comes to have a virus amongst it, and how that's left and not deep wiped, though, defeats me.

True but as you say how a virus gets on there and stays is mind boggling

Rik · Oct 14, 2008, 10:03:49

Sloppy quality control?

Gary · Oct 14, 2008, 10:21:57

Quote from: Rik on Oct 14, 2008, 10:03:49
Sloppy quality control?

frightening sloppy control, there is no excuse for that

Rik · Oct 14, 2008, 10:28:06

There isn't, but we see it more and more, Gary.

Gary · Oct 14, 2008, 10:51:57

Quote from: Rik on Oct 14, 2008, 10:28:06
There isn't, but we see it more and more, Gary.

Well with Norton on most machines its going to be fun as the malware on new pc's tries to disable the av at startup for the first time

Rik · Oct 14, 2008, 10:53:22

I thought Norton was malware?

Gary · Oct 14, 2008, 11:00:26

Quote from: Rik on Oct 14, 2008, 10:53:22
I thought Norton was malware?

well the new 2009 is much better and when I uninstalled it it really did go, registry was clean if I could overcome the branding I would have maybe used it.....ok maybe not but it is better. Funny thing is what they claim as new features are what Kaspersky does already, I have mine set to update every 30mins i could set it to 5mins if I wanted

its funny watching big corporations claim new ideas when its already out there in one form or another.

Rik · Oct 14, 2008, 11:02:54

There are no new ideas, only different spin...

somanyholes · Oct 14, 2008, 12:24:59

does make you wonder how this one happened. This sort of attack vector is becoming more and more prevalent. This particular issue is the easiest type to spot. The underground economy is now adding code to the hardware, such as adding code to a processor. As far as joe blog's goes he has no chance of knowing that it exists, no general security software will be able to pick this type of thing up, and with the majority of our tech hardware coming from overseas how is this getting vetted, or is it getting vetted? A prime example of this type of thing was the counterfit cisco hardware that the us military bought, anything could have been modified. From an attackers perspective this is all great. Have mass produced hardware delivered to the door with little chance of being caught. Fun fun.......

Rik · Oct 14, 2008, 12:29:22

Interesting thought, So. I wonder who builds the trigger mechanisms for the bomb??

somanyholes · Oct 14, 2008, 12:33:12

any interesting talk on this type of thing here, let me know if you want the audio

http://www.defcon.org/html/defcon-16/dc-16-speakers.html#Kiamilev

Rik · Oct 14, 2008, 12:37:23

And I thought there was enough to worry about with the financial situation...

Sebby · Oct 14, 2008, 13:28:33

Who remembers when iPods shipped with a virus? I can only think it's an disgruntled employee.

Steve · Oct 14, 2008, 14:49:47

It probably very eec to do

I'd better shuffle off and check my netbook hidden partition.

Rik · Oct 14, 2008, 15:12:04

It just shows the value of installing AV software on a new machine as the first step.

Steve · Oct 14, 2008, 16:07:45

Quote from: Rik on Oct 14, 2008, 15:12:04
It just shows the value of installing AV software on a new machine as the first step.

I purchased office 2007 student edition and it came with Norton 360 version 2.0. I thought I might as well try it on the netbook and so far after an initial play around at getting rid of extras (I just need firewall and AV)it's been fine. However I'm pretty sure it wont migrate to a serious machine.

zappaDPJ · Oct 14, 2008, 16:12:48

This slip from Asus is pretty lamentable but this one from another well know organisation is just shocking: http://news.bbc.co.uk/1/hi/technology/7583805.stm

Rik · Oct 14, 2008, 16:21:41

That could have been a nasty 'Oops!'.

JB · Oct 14, 2008, 16:40:05

"Nasa told SpaceRef that no command or control systems of the ISS were at risk from the malicious program. "

That's because a virus was a very rare thing when the ZX81 was designed.