
No Drive-by Downloads Necessary as Computers Come Pre-Loaded with Malware


Written by Sue Poremba
Sep 17, 2012

It was only a matter of time until malware was pre-installed on computers at the factory level. After all, USB drives loaded with malware have been a problem for some time, so you knew that sooner or later someone was going to bypass user interaction and just put the malware directly on the computer before it even reached its owner.

This is what Microsoft discovered recently while investigating counterfeit versions of Windows software in China (Microsoft has filed a fraud lawsuit against a Chinese Web domain). According to PC World:

The suit alleges that the Nitol malware on the new PCs points the compromised systems to 3322.org. Microsoft believes the site is a major hub of malware and malicious online activity. Microsoft claims that the site in question hosts Nitol, as well as 500 other types of malware. A Washington Post report states that it’s the largest single repository of malicious software ever encountered by Microsoft.

Exactly when and where in the supply chain the malware injection occurred is not easy to answer. David Harley’s excellent post on the topic at ESET Threat Blog pointed out that Microsoft hasn’t been specific about its suppliers. Even if it were, I think it would take a bit of investigation to find out at exactly what point the malware was added.

Microsoft checked a relatively small sample of computers — 20 — that were running bootleg versions of Windows. Four of those had Nitol installed. But how many computers loaded with the fake software and the real malware went undetected by Microsoft?

The PC World article stated that if you purchase your computer from a respected computer company, chances are your PC is safe from the supply-chain trickery. I would like to think that’s true, but I’m a little skeptical. If the machines were built in China, can anyone guarantee the machines aren’t being tampered with?

If you can’t build your own computers, the next best thing is to avoid systems with pre-loaded software. And make sure the first thing you do install is a good security system.


Sue Poremba is a freelance writer based in Central PA. She's been writing about cybersecurity and technology trends since 2008.
