Asus ships Eee Box PCs with malware

Asus ships Eee Box PCs with malware

Summary: Asus has confirmed and apologized to customers (press release in Japanese; translated version) for shipping malware on the recently introduced Eee Box desktop computer :"According to an email sent out by Asus, PC Advisor reports, the Eee Box's 80GB hard drive has the recycled.exe virus files hidden in the drive's D: partition.

SHARE:
TOPICS: Hardware
99

Asus Eee BoxAsus has confirmed and apologized to customers (press release in Japanese; translated version) for shipping malware on the recently introduced Eee Box desktop computer :

"According to an email sent out by Asus, PC Advisor reports, the Eee Box's 80GB hard drive has the recycled.exe virus files hidden in the drive's D: partition. When the drive is opened, the virus activates and attempts to infect the C: drive and an removable drives connected to the system. According to Symantec, the malware is likely to be the W32/Usbalex worm, which creates an autorun.inf file to trigger recycled.exe from D:. Separately, we've been testing the Eee Box this week, and discovered our review unit came loaded with the W32/Taterf worm - aka W32.Gammima.AG, aka kavo.exe malware that sniffs out online gaming usernames and passwords.

Which models are known to carry the malware according to Asus?

Asus Eee BoxThe company has already managed to identify the following models with associated UPC codes :

Model number: EEEBOXB202-B; UPC code: 610839761807 Model number: EEEBOXB202-W; UPC code: 610839761814 Model number: EBXB202BLK/VW161D; UPC code: 610839530526 Model number: EBXB202WHT/VW161D-W; UPC code: 610839531202 Model number: EBXB202BLK/VK191T; UPC code: 610839547753

In addition to last month's Asus fiasco when they accidentally shipped cracking tools and confidential documents on recovery DVDs, the company is among the increasing number of companies that have shipped malware on their products during the last couple of years - Apple (2006), TomTom (2007), Seagate (2007), and HP (2008).

Topic: Hardware

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

99 comments
Log in or register to join the discussion
  • Asus ships Eee Box PCs with malware

    This is a deliberate attempt by Asus to get people to move away from Microsoft Windows and get the Asus eee's with linux installed. I hope Microsoft sues them for negligence. After that people will not want to buy from Asus and they will soon be out of the netbook business. They get what they deserve, and if they continue these tactics they will be sued into oblivion.
    Loverock Davidson
    • LOL, You never fail to entertain. nt

      nt
      T1Oracle
    • Oh Please...

      If you think a company would intentionally inflict this on their customers then you are sadly mistaken.
      mikefarinha
      • You've been Trolled, by LoveTroll Davidson. NT

        NT
        invmgr@...
      • Please yourself

        Its very likely Asus did this on purpose. They should be getting the backlash they deserve from both Microsoft and the consumers. Like I said, they are trying to make Microsoft Windows look bad.
        Loverock Davidson
        • Why would ASUS want to make Microsoft look bad?

          Why on earth would ASUS want to make Microsoft look bad?

          ASUS makes lots and lots of money from making Windows compatible hardware. I doubt they would want to compromise their motherboard sales (Their largest money maker) just to make Microsoft look bad.
          mikefarinha
        • Forgot again to take your meds this morning?

          Such delusions are so [i]unpretty[/i] for the rest of us. Please take care to down your meds from now on, preferably with an alcoholic chaser to heighten their effect.
          flatliner
      • Well, He IS Bush Nazi Windoze Bigot Extrodinaire Headrock!

        For HIM, it's just more Bush&Ballmer Righttard Micro$haft spin....
        drprodny
    • Lovecrock is incorrect

      You are totally wrong, actually it is a worldwide conspiracy so sensitive and secretive that I cannot divulge the people behind it. All I can say is go inside, lock all doors and windows and await further instructions to be beamed over all radio and television channels.
      dev-null
      • I Thought You'd be Beaming Them Direct Into Headrock's Brain

        along w/Ballmer's Right-Wing M$FT zonk rays....

        dev - you're so behind the TIMES, dude! I'm formally taking back your tinfoil hat.
        drprodny
    • More accurately...

      ...This reflects how easy it is to become infected with malware when using Microsoft Windows.
      SpikeyMike
      • Not really

        Its easy to infect any system when you have direct access to the distribution. Rogue employee purposely takes down Microsoft Windows built in security to prevent malware, installs the malware, then distributes the image of it. All this being no fault of Microsoft but that of some Asus employees, and that's where the accountability should be held.
        Loverock Davidson
        • Did you hear the one about...

          ... the casual Windows users who doesn't log on as Admin? Me neither.

          That's the fundamental difference here. Microsoft, through their own engineering mis-steps, have created the false illusion that configuring (administering) a computer is easy to do and requires no specialized skills. It is patently false and these types of exploits illustrate it clearly.

          On a properly designed system, you do not run with administrator rights by default. I'm happy to see Vista is finally clued in on this, but Microsoft is to blame for creating this mindset in the first place.
          SpikeyMike
          • And that doesn't apply in this case

            Considering the image is created in a network environment at Asus. The PC was locked down, someone took out the restrictions and loaded this malware onto it. It has nothing to do with casual users since the malware was installed before the user ever gets the PC. Plain and simple it was Asus who willfully did this.
            Loverock Davidson
          • Did you read the same article that I did?

            LD, did I miss something? It's possible I did, but this is what I read:

            ?According to an email sent out by Asus, PC Advisor reports, the Eee Box?s 80GB hard drive has the recycled.exe virus files hidden in the drive?s D: partition. When the drive is opened, the virus activates and attempts to infect the C: drive and an removable drives connected to the system..."

            If a non-admin account was being used, how exactly would the C: drive get infected? This is the crux of my position. Having malware pre-loaded guarantees an attempt at spreading... Not success.
            SpikeyMike
        • not really Loverock?

          now you're taking both sides of the fence...first you say Asus did this on purpose, now you claim it's a rogue employee
          snadon1963
        • You contradict yourself

          You said at first that, "This is a deliberate attempt by Asus to get people to move away from Microsoft Windows"

          Now you say it was a rogue Asus employee.

          I suspect that you have zero evidence of either conspiracy. I wonder if you believe both of them simultaneously, or serially?
          geneven
      • More Accurately... Apple did it too!

        And considering they do not own all that much of the market, and out of 5 offenders, they were one of them... It looks pretty easy for it to happen on an Apple as well. Glass houses....
        lostdesertgirl
        • Do try to follow along...

          ...you obviously didn't read the rest of the OP's thread, otherwise you wouldn't have posted something this silly.
          User07734
    • moron

      It makes ASUS look a lot worse than MS.
      The average consumer isn't going to think that it's MS's fault that the malware is on th machine, they will blame ASUS. Joe six pack isn't going to switch over to Linux because ASUS messed up.

      These same average consumers constitute a large part of ASUS's market.

      Why am I feeding the troll?
      Jsm334