Feeds

Kaspersky: Maxtor markets password-pilfering Dutch disk drives

Buy now and get free malware

Securing Web Applications Made Simple and Scalable

Security mavens from Kaspersky say they have discovered a nasty virus that came pre-installed on Maxtor external hard drives sold in the Netherlands.

The virus, dubbed Virus.Win32.AutoRun.ah, was found on the Maxtor 3200 Personal Storage, according to this press release from Kaspersky (translated from Dutch to English courtesy of FreeTranslation.com).

The company said the virus roots around a computer in search of gaming passwords. The malicious code also rifles through a computer's contents and deletes mp3 files, according to a separate description of the virus, also from Kaspersky.

A spokesman for Seagate, which recently acquired Maxtor, said the company was investigating Kaspersky's findings. "This scenario seems unlikely because the 3200 does not have any software preloaded on the drive so there is not an opportunity for a virus to be loaded," he said. Yes the drive is formatted but I have never heard of a virus that lives in the master boot record."

The report comes days after the discovery that Medion laptops shipped to stores in Denmark and Germany were infected with a 13-year-old virus. "Stoned.Angelina" was a low-risk virus that infects the master boot record of a hard disk. Apart from its ability to replicate, it carries no payload.

The virus infecting the Maxtor drive, by contrast, was discovered less than four months ago, and considering claims of password theft, it appears to rise significantly above the nuisance level. What's more, it's installed as soon as a user plugs in the drive and double clicks on a corresponding icon, according to Kaspersky. It tries to install itself with an autorun.inf file in the root of the external disk which runs a file called GHOST.PIF.

The virus was found on several Maxtor hard disks of various capacities bought on Monday. Kaspersky speculates they were infected during formating in the factory. ®

Application security programs and practises

More from The Register

next story
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
For Lenovo US, 8-inch Windows tablets are DEAD – long live 8-inch Windows tablets
Reports it's killing off smaller slabs are greatly exaggerated
Microsoft unsheathes cheap Android-killer: Behold, the Lumia 530
Say it with us: I'm King of the Landfill-ill-ill-ill
Cheer up, Nokia fans. It can start making mobes again in 18 months
The real winner of the Nokia sale is *drumroll* ... Nokia
Seventh-gen SPARC silicon will accelerate Oracle databases
Uncle Larry's mutually-optimised stack to become clearer in August
EU dons gloves, pokes Google's deals with Android mobe makers
El Reg cops a squint at investigatory letters
Apple orders huge MOUNTAIN of 80 MILLION 'Air' iPhone 6s
Bigger, harder trouser bulges foretold for fanbois
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.