
Malware inserted on PC production lines, says study

  • 15-09-2012 4:20am
    #1
    Closed Accounts Posts: 1,455 ✭✭✭


    http://www.bbc.co.uk/news/technology-19585433
    Cybercriminals have opened a new front in their battle to infect computers with malware - PC production lines.
    Several new computers have been found carrying malware installed in the factory, suggests a Microsoft study.


    Microsoft won permission from a US court to tackle the network of hijacked PCs made from Nitol-infected computers.
    Domain game

    In a report detailing its work to disrupt the Nitol botnet, Microsoft said the criminals behind the malicious program had exploited insecure supply chains to get viruses installed as PCs were being built.


    The viruses were discovered when Microsoft digital crime investigators bought 20 PCs, 10 desktops and 10 laptops from different cities in China.




    "We found malware capable of remotely turning on an infected computer's microphone and video camera, potentially giving a cybercriminal eyes and ears into a victim's home or business," said Richard Boscovich, a lawyer in Microsoft's digital crimes unit in a blogpost.


    A US court has now given Microsoft permission to seize control of the web domain, 3322.org, which it claims is involved with the Nitol infections. This will allow it to filter out legitimate data and block traffic stolen by the viruses.
    http://www.guardian.co.uk/technology/2012/sep/14/malware-installed-computers-factories-microsoft?newsfeed=true
    The documents are part of a computer fraud lawsuit filed by Microsoft against a web domain registered to a Chinese businessman named Peng Yong.


    The company says it is a major hub for illicit Internet activity. The domain is home base for Nitol and more than 500 other types of malware, making it the largest single repository of infected software that Microsoft officials have ever encountered.


    Peng, the owner of an internet services firm, said he was not aware of the Microsoft lawsuit but he denied the allegations and said his company did not tolerate improper conduct on the domain, 3322.org.


    3322.org accounted for more than 17% of the world's malicious web transactions in 2009, according to Zscaler, a computer security firm in San Jose. In 2008, Russian security company Kaspersky Lab reported that 40% of all malware programs, at one point or another, connected to 3322.org.


    US district judge Gerald Bruce Lee, who is presiding in the case, granted a request from Microsoft to begin steering web traffic from 3322.org that has been infected by Nitol and other malwares to a special site called a sinkhole.
    From there, Microsoft can alert affected computer users to update their anti-virus protection and remove Nitol from their machines.


    Since Lee issued the order, more than 37m malware connections have been blocked from 3322.org, according to Microsoft.
    That's some serious traffic going through there!

    40% of all Malware going through it, how would you go about setting up something like that!??

    I can't find a definite answer as to whether the infected machines are limited to China or were shipped abroad...you'd have to assume what you're buying is infected though really.

