Slashdot Mirror

← Back to Stories (view on slashdot.org)

Trojan Found In New HDs Sold In Taiwan

Posted by kdawson on from the bourne-again dept.

GSGKT writes "About 1,800 brand new 300-GB or 500-GB external hard drives made for Maxtor in Thailand were found to have trojan horse malwares pre-installed (autorun.inf and ghost.pif). When the HD is in use, these forward information on the disk to two websites in Beijing, China: www.nice8.org or www.we168.org. The article implies that authorities believe the Chinese government is behind the trojans. A later article pins down the point of infection to a subcontractor company in China. A couple of months back the Register was reporting on pre-installed malware detected on Maxtor disks sold in the Netherlands. This earlier report was downplayed by a Seagate spokesman." The more recent Taipei Times article says that Seagate admits the problem on its Web site, but a search there turns up nothing.

4 of 344 comments (clear)

  1. Same by renegadesx · · Score: 5, Interesting

    Lead in paint, malware in HD's same thing really

    --
    Make SELinux enforcing again!
  2. Thank goodness for Chinese manufacturing by JewGold · · Score: 4, Interesting

    I mean, so what if there's a trojan that steals my identity and turns my computer into a botnet node? So what the materials it's comprised of let off poisons that will kill me and my whole family? I saved $6 on this baby!

    --
    Is this a news report or a trailer for a motion picture?
  3. that said.. by QuantumG · · Score: 4, Interesting

    Try putting this in your autorun.inf:

    [autorun]
    shell\silly=You're silly
    shell\silly\command=calc.exe
    shell=silly

    now remove and reinsert the USB device. Hmm.. nothing happens.. how strange. Go to My Computer and double click on I: (or whatever your drive is mapped to) and what happens? Yeah, calc.exe is run. Thanks Microsoft.

    You may now flame away.

    --
    How we know is more important than what we know.
  4. Re:Not a trojan by tftp · · Score: 4, Interesting
    A hard disk is mostly... hardware. There's a little software in it, even in a good, uninfected unit

    Two cases here. First, you got an external USB HDD. It often contains lots of software. I have a Seagate USB/FireWire HDD, it comes with FreeAgent backup and configuration software. I bought the software with the HDD unit, they are one set. I would be an idiot if I format the HDD first.

    Another case is when you get an internal HDD that is supposed to be unformatted. But you don't know if it is or isn't - not before you install it into your Windows box and power it up. If the HDD is blank, as it should be, then you need to format it, and all is well. However if it is already formatted for you and contains something, Windows has no way of knowing why it is so, and it will treat it as any other removable drive - namely, will read the autorun.inf and proceed running all the viruses in the world that the drive may contain, all that before you even realize that something is wrong.

    In either case, if your antivirus finished loading by this time it may save you, if it is good enough. But I recall some recent review that claimed that a typical antivirus fails to catch as many as half of the viruses.