Kaspersky: Maxtor markets password-pilfering Dutch disk drives
Buy now and get free malware
Posted in Storage, 19th September 2007 23:43 GMT
Security mavens from Kaspersky say they have discovered a nasty virus that came pre-installed on Maxtor external hard drives sold in the Netherlands.
The virus, dubbed Virus.Win32.AutoRun.ah, was found on the Maxtor 3200 Personal Storage, according to this press release from Kaspersky (translated from Dutch to English courtesy of FreeTranslation.com).
The company said the virus roots around a computer in search of gaming passwords. The malicious code also rifles through a computer's contents and deletes mp3 files, according to a separate description of the virus, also from Kaspersky.
A spokesman for Seagate, which recently acquired Maxtor, said the company was investigating Kaspersky's findings. "This scenario seems unlikely because the 3200 does not have any software preloaded on the drive so there is not an opportunity for a virus to be loaded," he said. "Yes the drive is formatted but I have never heard of a virus that lives in the master boot record."
The report comes days after the discovery that Medion laptops shipped to stores in Denmark and Germany were infected with a 13-year-old virus. "Stoned.Angelina" was a low-risk virus that infects the master boot record of a hard disk. Apart from its ability to replicate, it carries no payload.
The virus infecting the Maxtor drive, by contrast, was discovered less than four months ago, and considering claims of password theft, it appears to rise significantly above the nuisance level. What's more, it's installed as soon as a user plugs in the drive and double-clicks on a corresponding icon, according to Kaspersky. It tries to install itself with an autorun.inf file in the root of the external disk, which runs a file called GHOST.PIF.
The virus was found on several Maxtor hard disks of various capacities bought on Monday. Kaspersky speculates they were infected during formatting in the factory. ®
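A check a defender could run against a newly bought drive before opening it, based on the autorun.inf mechanism described above. This is an added example, not code from Kaspersky or the article; the sample file contents are constructed (the article names only autorun.inf and GHOST.PIF), and the extension list and function names are assumptions.

```python
import ntpath
import os
import re

# Extensions Windows executes directly (non-exhaustive, chosen for this example).
EXEC_EXT = {".pif", ".exe", ".com", ".scr", ".bat", ".cmd", ".vbs", ".lnk"}
# [autorun] keys that start a program, including drive-icon double-click verbs.
LAUNCH_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.I)

def launch_entries(text):
    """Return [(key, command)] for [autorun] keys that start a program."""
    entries, in_section = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if in_section and "=" in line:
            key, _, value = line.partition("=")
            if LAUNCH_KEY.match(key.strip()):
                entries.append((key.strip().lower(), value.strip()))
    return entries

def target_of(cmd):
    """First token of the command line, honouring a quoted path."""
    m = re.match(r'"([^"]+)"|(\S+)', cmd)
    return (m.group(1) or m.group(2)) if m else ""

def suspicious(text):
    """Launch entries whose target has a directly executable extension."""
    return [(k, c) for k, c in launch_entries(text)
            if ntpath.splitext(target_of(c))[1].lower() in EXEC_EXT]

def scan_root(root):
    """Check <root>/autorun.inf (assumed ANSI-encoded); [] if absent."""
    try:
        with open(os.path.join(root, "autorun.inf"), "rb") as fh:
            return suspicious(fh.read().decode("latin-1"))
    except FileNotFoundError:
        return []

# Constructed samples: one shaped like the case in the article, one benign.
SAMPLE = r"""[AutoRun]
open=GHOST.PIF
shell\open\command=GHOST.PIF
icon=drive.ico
"""
BENIGN = "[autorun]\nicon=drive.ico\nlabel=Backup\n"
```

Run `scan_root()` on the drive's mount point from a system that does not process autorun.inf, so the file is read as data rather than acted on.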