Make us your home page
Instagram

Virus found on new laptop

WASHINGTON — A customer in Shenzhen, China, took a new laptop out of its box and booted it up for the first time. But as the screen lit up, the computer began taking on a life of its own. The machine, triggered by a virus hidden in its hard drive, began searching across the Internet for another computer.

The laptop, supposedly in pristine, superfast, direct-from-the-factory condition, had instantly become part of an illegal, global network capable of attacking websites, looting bank accounts and stealing personal data.

The shopper in this case was part of a team of Microsoft researchers in China investigating the sale of counterfeit software. They suddenly had been introduced to a malware called Nitol. The incident was revealed in court documents unsealed Thursday in a federal court in Virginia. The records describe a new front in a legal campaign against cybercrime being waged by the maker of the Windows operating system, the biggest target for viruses.

The documents are part of a computer fraud lawsuit filed by Microsoft against a Web domain registered to a Chinese businessman named Peng Yong. The company says it is a major hub for illicit Internet activity. The domain is home base for Nitol and more than 500 other types of malware, making it the largest single repository of infected software that Microsoft officials have ever encountered.

What emerges most vividly from the court records and interviews with Microsoft officials is a disturbing picture of how vulnerable Internet users have become, in part because of weaknesses in computer supply chains. To increase their profit margins, less reputable computer manufacturers and retailers may use counterfeit copies of popular software products to build machines more cheaply, leaving openings for cybercriminals.

"They're really changing the ways they try to attack you," said Richard Boscovich, a former federal prosecutor and a senior attorney in Microsoft's digital crimes unit.

More than Microsoft's image is at stake when counterfeit products are tainted by malware that spreads so rapidly, he said. "It's now become a security issue," he said.

Patrick Stratton, a senior manager in Microsoft's digital crimes unit, and his colleagues inserted a thumb drive into the computer made in China and Nitol immediately copied itself onto it. When the drive was inserted into a separate machine, the virus quickly copied itself onto it.

Microsoft examined thousands of samples of Nitol, which has several variants, and all of them connected to command-and-control servers associated with the 3322.org domain, run by Peng, according to the court records.

"In short, 3322.org is a major hub of illegal Internet activity, used by criminals every minute of every day to pump malware and instructions to the computers of innocent people worldwide," Microsoft said.

U.S. District Judge Gerald Bruce Lee, who is presiding in the case, granted Microsoft's request to begin steering Internet traffic from 3322.org that has been infected by Nitol and other malwares to a site called a sinkhole. From there, Microsoft alerts affected computer users to update antivirus protections and remove Nitol from their machines.

Since Lee issued the order, more than 37 million malware connections have been blocked from 3322.org, Microsoft says.

Virus found on new laptop 09/13/12 [Last modified: Thursday, September 13, 2012 8:56pm]
Photo reprints | Article reprints

Copyright: For copyright information, please check with the distributor of this item, Associated Press.
    

Join the discussion: Click to view comments, add yours

Loading...
  1. New DEP secretary says there's no conflict in political side businesses

    News

    TALLAHASSEE — When Noah Valenstein, the newly appointed head of the Department of Environmental Protection, was applying in April to be the state's top environmental regulator, he left one thing off the application: Companies he started and his wife runs have been paid nearly $1 million by politicians and lobbying …

     Noah Valenstein got the job as secretary of the Department of Environmental Protection on Tuesday May 23rd, on a unanimous vote by Gov. Rick Scott and the Cabinet. He will take the helm on June 5, with a salary of $150,000 per year. [Florida Governor's Office]
  2. New stores coming to Tyrone Square Mall, like Bath & Body Works

    Retail

    Tyrone Square Mall will welcome a half dozen new stores, like Bath & Body Works and MidiCi's The Neapolitan Pizza Company, this summer.

  3. Target Corp. reaches $18.5 million settlement with 47 states over data breach

    Retail

    Target Corp. has agreed to pay Florida $928,963 out of a newly-announced $18.5 million settlement over a huge data breach that occurred in late 2013.

    Forty-seven states and the District of Columbia have reached an $18.5 million settlement with Target Corp. to resolve the states' probe into the discounter's massive pre-Christmas data breach in 2013. 
[Associated Press]
  4. Gov. Rick Scott's family history of alcohol abuse could decide 'liquor wall' bill

    Legislature

    TALLAHASSEE — Gov. Rick Scott must decide Wednesday whether to let Walmart and other big-box stores sell liquor, and he says a factor in his decision is the history of alcohol abuse in his family.

    Florida Governor Rick Scott is considering a veto of a bill that would allow Walmart, Target and other big box retail stores to sell liquor. [Andres Leiva | Tampa Bay Times]
  5. Tampa lands Super Bowl in 2021

    Bucs

    TAMPA — Record rainfall in Los Angeles ultimately may end Tampa Bay's drought of hosting the Super Bowl.

    Mike Tomlin celebrates with LaMarr Woodley and Troy Polamalu after the Steelers beat the Cardinals in 


Super Bowl XLIII  on February 1, 2009 at Raymond James Stadium in Tampa. [Times files (2009)