Microsoft Finds PCs That Ship Pre-Infected

One more thing to worry about: Your brand-spanking-new computer could be infected with a virus that will raid your online bank account. On Thursday, Microsoft said it had discovered several new computers, fresh from Chinese factory floors, that carried a particularly pernicious computer virus — one capable of invading bank accounts, starting computer attacks and creating back doors that allow criminals to have their way with infected machines.
http://bits.blogs.nytimes.com/2012/09/13/microsoft-finds-pcs-that-ship-pre-infected/

Also see:

Malware inserted on PC production lines, says study

Cybercriminals have opened a new front in their battle to infect computers with malware – PC production lines. Several new computers have been found carrying malware installed in the factory, suggests a Microsoft study. One virus called Nitol found by Microsoft steals personal details to help criminals plunder online bank accounts. Microsoft won permission from a US court to tackle the network of hijacked PCs made from Nitol-infected computers.
http://www.bbc.com/news/technology-19585433

Microsoft Intercepts ‘Nitol’ Botnet And 70,000 Malicious Domains

Microsoft has sinkholed yet another botnet: This time, it’s one out of China that also spread via counterfeit software secretly embedded with the malware. Richard Domingues Boscovich, assistant general counsel for the Microsoft Digital Crimes Unit, announced today in a blog post that Microsoft won a court order to host 3322.org, a notorious Internet domain out of which the so-called Nitol botnet operated. The infamous domain also hosts another 70,000 malicious subdomains and 500 different strains of malware, including Nitol. The U.S. District Court for the Eastern District of Virginia granted Microsoft’s request for an ex parte restraining order against Peng Yong, his company, and other John Does, according to Boscovich.
www.darkreading.com/insider-threat/167801100/security/client-security/240007333/microsoft-intercepts-nitol-botnet-and-70-000-malicious-domains.html

Nitol and 3322.org Takedown by Microsoft by Gunter Ollmann

Reading this morning’s blog from Microsoft about “Operation b70” left me wondering a lot of things. Most analysts within the botnet field are more than familiar with 3322.org – a free dynamic DNS provider based in China known to be unresponsive to abuse notifications and a popular home to domain names used extensively for malicious purposes – and its links to several botnets around the world.
http://www.circleid.com/posts/20120913_nitol_and_3322org_takedown_by_microsoft/
