ss_blog_claim=a290fbfb2dabf576491bbfbeda3c15bc

Monday, November 12, 2007

Where do Trojans come from?

Chinese subcontractors blamed for trojan horses

VIRUS: Investigators say the tainted Maxtor portable hard disc, made by Seagate, uploads information saved on the computer automatically to Web sites in Beijing

By Lin Ching-lin

Following findings by the Investigation Bureau that portable hard discs produced by US disk-drive manufacturer Seagate Technology that were sold in Taiwan contained Trojan horse viruses, further investigations suggested that "contamination" took place when the products were in the hands of Chinese subcontractors during the manufacturing process.

On Saturday, Seagate Technology LLC, the manufacturer of the Maxtor portable hard drive, said on its Web site (www.seagate.com) that Maxtor Basics Personal Storage 3200 hard drives sold after August could be infected with the virus.

Anti-virus software manufacturer Kaspersky Labs also issued a similar warning. The hard drive has been temporarily pulled off the shelves and is no longer available for purchase.

UPLOAD

The Investigation Bureau said the tainted portable hard drives automatically upload any information saved on the computer to Beijing Web sites without the user's knowledge .

While investigating a Chinese subcontractor involved in the manufacturing process, Seagate found that a small number of drives were infected with the viruses. The company said the products from the problem factory had been scanned and all viruses had been eliminated, adding that all inventory would also be treated before the product was returned to stores.

Seagate did not disclose the stage in the manufacturing process where the Chinese subcontractor installed the Trojan horse.

Seagate recommended that all customers who had purchased the product install protective anti-virus software.

To this end, Seagate said that Kaspersky Labs would offer all Seagate customers a 60-day fully functional version of the Kaspersky Lab Anti-Virus 7.0 software for download and installation.

In September, the British online information technology magazine The Register published information saying that Kaspersky Labs had found a pre-installed virus named Virus.Win32.AutoRun.ah on Maxtor 3200 external hard drives sold in the Netherlands.

PASSWORDS

When the virus accesses software, it looks for gaming passwords and deletes mp3 files.

The publication asked Seagate to verify the information, but a company spokesperson said: "This scenario seems unlikely because the 3200 does not have any software preloaded on the drive so there is not an opportunity for a virus to be loaded. Yes, the drive is formatted, but I have never heard of a virus that lives in the master boot record."

The Register said that Kaspersky Labs believes the virus is installed as soon as a user installs the drive and double clicks on its icon.
This story has been viewed 2108 times.
Advertising

No comments:

 
ss_blog_claim=a290fbfb2dabf576491bbfbeda3c15bc