Slashdot Mirror

← Back to Stories (view on slashdot.org)

Trojan Found In New HDs Sold In Taiwan

Posted by kdawson on from the bourne-again dept.

GSGKT writes "About 1,800 brand new 300-GB or 500-GB external hard drives made for Maxtor in Thailand were found to have trojan horse malwares pre-installed (autorun.inf and ghost.pif). When the HD is in use, these forward information on the disk to two websites in Beijing, China: www.nice8.org or www.we168.org. The article implies that authorities believe the Chinese government is behind the trojans. A later article pins down the point of infection to a subcontractor company in China. A couple of months back the Register was reporting on pre-installed malware detected on Maxtor disks sold in the Netherlands. This earlier report was downplayed by a Seagate spokesman." The more recent Taipei Times article says that Seagate admits the problem on its Web site, but a search there turns up nothing.

4 of 344 comments (clear)

  1. Obilgitory HOSTS comment: by killmofasta · · Score: 5, Informative

    Please add to your host files:
    127.0.0.1 www.nice8.org
    127.0.0.1 www.we168.org

  2. Comment removed by account_deleted · · Score: 4, Informative

    Comment removed based on user account deletion

  3. Re:First off... by colfer · · Score: 5, Informative

    Overriding autorun can be done in the registry, so you don't have to remember to hold down the shift key. Does it work for USB hard drives? Probably. These are the notes I have.

    Works for USB drives and CD-ROMS.
    [2007/10, from:
    http://www.mydigitallife.info/2006/09/11/disable-auto-run-and-auto-play-of-u3-smart-drives-launchpad/%5D

          1. Click Start -> Run.
          2. Type RegEdit in the Open text box, then press ENTER.
          3. In the Registry Editor, locate and click the following registry key:

                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CDRom
          4. Modify the value of the Autorun to 0 (zero) so that CD-ROMs and Audio CDs do not run and start automatically when inserted.
          5. Next navigate to the following registry subkey:

                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
          6. Modify the value of the NoDriveTypeAutoRun entry to 0xb5 value to turn off the AutoRun feature for CD-ROMs by right-click NoDriveTypeAutoRun and then click Modify to type B5 in the Value data box. Select Hexadecimal, and then click OK.
          7. Quit Registry Editor.
          8. Restart your computer.

  4. Re:Nope by LurkerXXX · · Score: 5, Informative

    3rd party tools? Who needs 3rd party tools?

    gpedit.msc

    It's a windows GUI tool.

    Computer Configuration > Click "Administrative Templates" > Click "System" > Double-Click "Turn off Autoplay", set it for "All Drives" and click the "apply" button.