[Debian-br-gud-rs] Microsoft Finds PCs That Ship Pre-Infected

og ogilnei at gmail.com
Friday September 14 13:11:37 UTC 2012

I know this isn't the focus of the list, but this one is of the hyper WTF kind... it even
reminded me of conspiracy movies: "we want boot with our encrypted MSFT
keys... UEFI... ...so: put a goat in the room... ah? From the factory? That's it,
good idea..." :P



One more thing to worry about: Your brand-spanking-new computer could
be infected with a virus that will raid your online bank account.

On Thursday, Microsoft said it had discovered several new computers,
fresh from Chinese factory floors, that carried a particularly
pernicious computer virus — one capable of invading bank accounts,
starting computer attacks and creating back doors that allow criminals
to have their way with infected machines.

Microsoft’s digital crime researchers purchased 20 new computers from
different cities in China and discovered that four of them had been
infected with viruses. In each case, the computers were running
counterfeit versions of Windows software that were infected with the

That virus, called Nitol, reported back to a command and control
center hosted by the Web domain 3322.org, which is registered to Bei
Te Kang Mu Software Technology. That domain, Microsoft’s researchers
say, hosts 500 different strains of malware. Some are capable of
switching on a victim’s microphone or Web camera. Others record
victims’ keystrokes, giving cybercriminals access to their log-in
credentials and online bank accounts.

Microsoft got permission from a United States court to take down the
network of Nitol-infected computers. The takedown was part of a civil
suit brought by Microsoft in its increasingly aggressive campaign —
called Project MARS, for Microsoft Active Response for Security — to
take the lead in combating digital crime, rather than waiting for law
enforcement to act.

Using similar legal means, Microsoft took down four other botnets — or
networks of infected computers — in the last few years. In each case,
Microsoft obtained a court order that allowed it to seize Web domains
and computers associated with the botnets without first notifying the
owners of the property. The court gave Microsoft permission to seize
the 3322.org domain on Monday.

“This action will significantly reduce the impact of the menacing and
disturbing threats associated with Nitol and the 3322.org domain, and
will help rescue people’s computers from the control of this malware,”
Richard Boscovich, a senior lawyer in Microsoft’s digital crimes unit,
said in a blog post.

Peng Yong, the owner of Bei Te Kang Mu Software Technology, told The
Associated Press that he was not aware of his domain’s seizure by
Microsoft and that his company had a “zero tolerance” policy toward
illegal activity on the domain. But he added that with 2.85 million
domain names, his company “cannot exclude that individual users might
be using domain names for malicious purposes.”
