Feeds

Kaspersky: Maxtor markets password-pilfering Dutch disk drives

Buy now and get free malware

Choosing a cloud hosting partner with confidence

Security mavens from Kaspersky say they have discovered a nasty virus that came pre-installed on Maxtor external hard drives sold in the Netherlands.

The virus, dubbed Virus.Win32.AutoRun.ah, was found on the Maxtor 3200 Personal Storage, according to this press release from Kaspersky (translated from Dutch to English courtesy of FreeTranslation.com).

The company said the virus roots around a computer in search of gaming passwords. The malicious code also rifles through a computer's contents and deletes mp3 files, according to a separate description of the virus, also from Kaspersky.

A spokesman for Seagate, which recently acquired Maxtor, said the company was investigating Kaspersky's findings. "This scenario seems unlikely because the 3200 does not have any software preloaded on the drive so there is not an opportunity for a virus to be loaded," he said. Yes the drive is formatted but I have never heard of a virus that lives in the master boot record."

The report comes days after the discovery that Medion laptops shipped to stores in Denmark and Germany were infected with a 13-year-old virus. "Stoned.Angelina" was a low-risk virus that infects the master boot record of a hard disk. Apart from its ability to replicate, it carries no payload.

The virus infecting the Maxtor drive, by contrast, was discovered less than four months ago, and considering claims of password theft, it appears to rise significantly above the nuisance level. What's more, it's installed as soon as a user plugs in the drive and double clicks on a corresponding icon, according to Kaspersky. It tries to install itself with an autorun.inf file in the root of the external disk which runs a file called GHOST.PIF.

The virus was found on several Maxtor hard disks of various capacities bought on Monday. Kaspersky speculates they were infected during formating in the factory. ®

Beginner's guide to SSL certificates

More from The Register

next story
Xperia Z3: Crikey, Sony – ANOTHER flagship phondleslab?
The Fourth Amendment... and it IS better
Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
'Missy' Cummings on UAVs, smartcars and dying from boredom
Don't wait for that big iPad, order a NEXUS 9 instead, industry little bird says
Google said to debut next big slab, Android L ahead of Apple event
Microsoft to enter the STRUGGLE of the HUMAN WRIST
It's not just a thumb war, it's total digit war
Netscape Navigator - the browser that started it all - turns 20
It was 20 years ago today, Marc Andreeesen taught the band to play
A drone of one's own: Reg buyers' guide for UAV fanciers
Hardware: Check. Software: Huh? Licence: Licence...?
The Apple launch AS IT HAPPENED: Totally SERIOUS coverage, not for haters
Fandroids, Windows Phone fringe-oids – you wouldn't understand
Apple SILENCES Bose, YANKS headphones from stores
The, er, Beats go on after noise-cancelling spat
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.