Saturday 15 September 2012

Malware, the latest pre-installed surprise on new computers

There is nothing like buying a brand new PC complete with malware designed to steal your personal information. Unfortunately, that is exactly what has happened in a few stores in China. Malware is a general term used to refer to a variety of forms of hostile, intrusive, or annoying software. Malware includes computer viruses, worms, trojan horses, spyware, adware, and other malicious programs.
In law, malware is sometimes known as a computer contaminant, as in the legal codes of several U.S. states. Malware is not the same as defective software, which is software that has a legitimate purpose but contains harmful bugs that were not noticed before release.
Spyware is another type of malware (malicious software) installed on computers that collects information about users without their knowledge. The presence of spyware is typically hidden from the user and can be difficult to detect. Some spyware, such as keyloggers, may be installed by the owner of a shared, corporate, or public computer intentionally in order to monitor users. Most people imagine that their brand new computer should be safe from any infection caused by internet sites and careless browsing.

Many early infectious programs, including the first Internet Worm, were written as experiments or pranks. Today, malware is used primarily to steal sensitive personal, financial, or business information for the benefit of others.
Since the rise of widespread broadband Internet access, malicious software has more frequently been designed for profit. Since 2003, the majority of widespread viruses and worms have been designed to take control of users' computers for black-market exploitation. Infected "zombie computers" are used to send email spam, to host contraband data such as child pornography, or to engage in distributed denial-of-service attacks as a form of extortion.

Recently, cybercriminals have opened a new front in their battle to infect computers with malware: PC production lines. Several new computers have been found carrying malware installed in the factory, a Microsoft study suggests. One virus found by Microsoft, called Nitol, steals personal details to help criminals plunder online bank accounts. Microsoft won permission from a US court to tackle the network of hijacked PCs made from Nitol-infected computers.
In a report detailing its work to disrupt the Nitol botnet, Microsoft said the criminals behind the malicious program had exploited insecure supply chains to get viruses installed as PCs were being built. The viruses were discovered when Microsoft digital crime investigators bought 20 PCs, 10 desktops and 10 laptops from different cities in China. Four of the computers were infected with malicious programs even though they were fresh from the factory.

Microsoft set up and ran Operation b70 to investigate and found that the four viruses were included in counterfeit software some Chinese PC makers were installing on computers. Nitol was the most pernicious of the viruses Microsoft caught because, as soon as the computer was turned on, it tried to contact the command and control system set up by Nitol's makers to steal data from infected machines.
Further investigation revealed that the botnet behind Nitol was being run from a web domain that had been involved in cybercrime since 2008. Also on that domain were 70,000 separate sub-domains used by 500 separate strains of malware to fool victims or steal data.

Some of this malware is capable of remotely turning on an infected computer's microphone and video camera, potentially giving a cybercriminal eyes and ears into a victim's home or business. A US court has now given Microsoft permission to seize control of the web domain, 3322.org, which it claims is involved with the Nitol infections. This will allow it to filter out legitimate data and block traffic stolen by the viruses.

Peng Yong, the Chinese owner of the 3322.org domain, told the AP news agency that he knew nothing about Microsoft's legal action and said his company had a "zero tolerance" attitude towards illegal activity on the domain.

"We currently have 2.85 million domain names and cannot exclude that individual users might be using domain names for malicious purposes," he said, adding that the sheer number of users it had to police meant it could not be sure that all activity was legitimate.

The simple fact that malware can be hidden at random in the supply chain, both in computer parts and in counterfeit software, has Microsoft worried. Twenty percent of computers bought might have this Nitol botnet malware, which can easily spread by USB drive from computer to computer. Malware can record a person's every keystroke, allowing cybercriminals to steal a victim's personal information. The Nitol botnet malware itself carries out distributed denial of service (DDoS) attacks that are able to cripple large networks by overloading them with Internet traffic, and creates hidden access points on the victim's computer to allow even more malware, or anything else for that matter, to be loaded onto an infected computer.
What is interesting in this investigation is that Microsoft is putting the blame on counterfeit software. Although there is a proven correlation between some pirated software and malware, it is not exactly the main method of infection for most malware. In most cases a good virus checker can hopefully wipe and clean most infections. In light of this serious news, maybe it's best to check your computer and take it to an expert at the start, or at least install anti-virus software and other security measures before browsing...

