Slashdot Mirror

← Back to Stories (view on slashdot.org)

Trojan Found In New HDs Sold In Taiwan

Posted by kdawson on from the bourne-again dept.

GSGKT writes "About 1,800 brand new 300-GB or 500-GB external hard drives made for Maxtor in Thailand were found to have trojan horse malwares pre-installed (autorun.inf and ghost.pif). When the HD is in use, these forward information on the disk to two websites in Beijing, China: www.nice8.org or www.we168.org. The article implies that authorities believe the Chinese government is behind the trojans. A later article pins down the point of infection to a subcontractor company in China. A couple of months back the Register was reporting on pre-installed malware detected on Maxtor disks sold in the Netherlands. This earlier report was downplayed by a Seagate spokesman." The more recent Taipei Times article says that Seagate admits the problem on its Web site, but a search there turns up nothing.

4 of 344 comments (clear)

  1. Can't trust hardware anymore? by compumike · · Score: 4, Insightful

    While the open source movement has done a great deal toward making software understandable, at some point, people have to trust their computers. However, this used to be a great deal easier, because engineers had a good idea of what could be done with a particular amount of circuitry.

    The increasing level of integration means that hardware is more and more of a black box. While this has led to huge savings in cost and performance boosts, we've paid for it by being unable to debug the hardware, and unsure of what's really going on inside.

    While the case in the article talks specifically about a trojan horse installed normally on the drive -- and thus something that should have been remedied by a good formatting job -- who knows what could happen once we have vulnerabilities embedded directly into the hardware. One could certainly imagine a trojan that was hard-coded in the firmward and kept moving itself around the disc after attempts to delete it.

    It's also seems fishy that much sensitive information (of relevance to a foreign government) could be obtained from randomly putting trojans on hard drives... Isn't it possible that this was an unintentional infection from some disk-handling or testing machine along the line?

    --
    Educational microcontroller kits for the digital generation.

  2. Re:Not a trojan by Megane · · Score: 5, Insightful

    A trojan is software that convinces the user to install it by looking like something else that the user might want to install.

    Something else like a... hard disk?

    --
    #naabhaprzrag, #sverubfr-000, #agi-fcbafberq, negvpyr[pynff*=' negvpyr-ary-'] { qvfcynl: abar !vzcbegnag; }
  3. Just more proof that autorun is insanely stupid by 0123456 · · Score: 4, Insightful

    Why oh why does Microsoft still automatically run software off any disk that's inserted into your PC? Surely decades of floppy-carried virii should have convinced them of what a frigging stupid idea that is?

  4. Troll Alert... by Belial6 · · Score: 5, Insightful

    [Troll]
    That's the problem with Windows. It doesn't Just Work(tm). You have to know these cryptic menus to edit databases just to keep your new USB drive from running whatever application happens to be on it. Maybe one day Microsoft could start doing some real usability testing and get Windows to be as easy for a new user as Linux.
    [/Troll]