Microsoft: Malware preloaded on PC production lines in China

Summary: The company finds cybercriminals had infiltrated unsecure supply chains to hijack brand new computers, prompting an operation to disrupt the emerging Nitol botnet, and over 500 other strains of malware.

TOPICS: Security, Hardware, China, PCs

Several new computers in a Chinese factory were found to have been infected with malware which was installed there, according to a study by Microsoft. This helped the company obtain a United States court order giving it permission to tackle the network of hijacked computers infected with the Nitol malware.

In a blog post Thursday, Microsoft said the viruses were discovered when, as part of a study to confirm speculation, its team of investigators bought 20 PCs (10 desktops and 10 laptops) from different cities in China. Four of the brand new computers were preloaded with malicious programs.

Microsoft was then able to secure a court order to tackle the malware network, in an effort it codenamed "Operation b70". It later found that cybercriminals had infiltrated unsecure supply chains to introduce counterfeit software embedded with malware.

"We found malware capable of remotely turning on an infected computer’s microphone and video camera, potentially giving a cybercriminal eyes and ears into a victim’s home or business. Additionally, we found malware that records a person’s every key stroke, allowing cybercriminals to steal a victim’s personal information," said Richard Domingues Boscovich, assistant general counsel of Microsoft's digital crimes unit, in the blog post.

One virus found was called Nitol, which helps criminals steal from online bank accounts with stolen information.

"The Nitol botnet malware itself carries out distributed denial of service (DDoS) attacks that are able to cripple large networks by overloading them with Internet traffic, and creates hidden access points on the victim’s computer to allow even more malware," said Microsoft in the post.

Nitol had attempted to connect to a command-and-control server on a domain owned by a Chinese company. Microsoft said the court order allowed it to seize control of the Web domain and "significantly limit the spread of the developing Nitol botnet".



Loves caption contests, leisurely strolls along supermarket aisles and watching How It's Made. Ryan has covered finance, politics, tech and sports for TV, radio and print. He is also co-author of best seller "Profit from the Panic". Ryan is an editor at ZDNet's Asia/Singapore office.

  • Not funny

    Between the antifreeze in the vinegar, the melamine in the dog treats, and now this, it's clear the manufacturing sector in China could use some oversight.
    Robert Hahn
    • Better yet

      "[I]t's clear the manufacturing sector in China could use some oversight."

      Or abandonment.
    • but the free market will take care of itself

      Businesses can take care of themselves...

      Among many other reasons the US was ditched, even if they still take taxpayer funded subsidy...
      • Yawn

        How do we cure flaws in a free market? With perfect government! How simple.
        Robert Hahn
  • I've been saying this for years...

    I will probably continue to say this for years more!