Feeds

Chinese Trojan on Maxtor HDDs spooks Taiwan

Ghost in the machine

Securing Web Applications Made Simple and Scalable

Confirmation that a Maxtor hard disk drive was infected with a Trojan by a manufacturing sub-contractor in China is spooking Taiwanese authorities, one of the countries where examples of the infected kit have begun to appear.

As first reported by El Reg in September a pre-installed Trojan named AutoRun-AH was discovered by Kaspersky Labs on Maxtor 3200 external hard drives sold in the Netherlands. Maxtor is owned Seagate. Initially, Seagate expressed skepticism about the reports.

But following a subsequent investigation the firm confirmed that an unspecified number of Maxtor Basics Personal Storage 3200 drives sold after August 2007 were indeed contaminated by malware during the manufacturing process. It traced the problem to an unnamed sub-contractor in China.

AutoRun-AH is a Trojan that searches for passwords to online games and sends them to a server located in China. It also disables anti-virus software.

Seagate is on the case, it says. It "quickly put a stop ship to units leaving the facility as soon as the company learned of the probable infection. All units now leaving the facility in question have been cleared of the virus and units in inventory are being reworked before being released for sale. However, some affected units may have been sold to the public before the problem was detected".

Maxtor 3200 external hard drives come in a range of sizes. Some infected 500 GB versions of the product have reached Taiwan sparking a major security flap undoubtedly exacerbated by the tense political relationship between Beijing and Taipei. Many of the large capacity drives subject to the alert are used by government departments, fueling espionage fears.

Around 1,800 portable drives, produced in Thailand, were contaminated with Trojan horse malware, the Taipei Times reports. Local distie Xander International has being instructed by the Ministry of Justice to pull the products from its shelves.

Seagate has yet to respond to our requests for comment on the number of hard disks it thinks may have been infected, or where they are. ®

Mobile application security vulnerability report

More from The Register

next story
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
Crooks fling banking Trojan at Japanese smut site fans
Wait - they're doing online banking with an unpatched Windows PC?
NIST told to grow a pair and kick NSA to the curb
Lrn2crypto, oversight panel tells US govt's algorithm bods
prev story

Whitepapers

Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.