Make us your home page
Instagram

Virus found on new laptop

WASHINGTON — A customer in Shenzhen, China, took a new laptop out of its box and booted it up for the first time. But as the screen lit up, the computer began taking on a life of its own. The machine, triggered by a virus hidden in its hard drive, began searching across the Internet for another computer.

The laptop, supposedly in pristine, superfast, direct-from-the-factory condition, had instantly become part of an illegal, global network capable of attacking websites, looting bank accounts and stealing personal data.

The shopper in this case was part of a team of Microsoft researchers in China investigating the sale of counterfeit software. They suddenly had been introduced to a malware called Nitol. The incident was revealed in court documents unsealed Thursday in a federal court in Virginia. The records describe a new front in a legal campaign against cybercrime being waged by the maker of the Windows operating system, the biggest target for viruses.

The documents are part of a computer fraud lawsuit filed by Microsoft against a Web domain registered to a Chinese businessman named Peng Yong. The company says it is a major hub for illicit Internet activity. The domain is home base for Nitol and more than 500 other types of malware, making it the largest single repository of infected software that Microsoft officials have ever encountered.

What emerges most vividly from the court records and interviews with Microsoft officials is a disturbing picture of how vulnerable Internet users have become, in part because of weaknesses in computer supply chains. To increase their profit margins, less reputable computer manufacturers and retailers may use counterfeit copies of popular software products to build machines more cheaply, leaving openings for cybercriminals.

"They're really changing the ways they try to attack you," said Richard Boscovich, a former federal prosecutor and a senior attorney in Microsoft's digital crimes unit.

More than Microsoft's image is at stake when counterfeit products are tainted by malware that spreads so rapidly, he said. "It's now become a security issue," he said.

Patrick Stratton, a senior manager in Microsoft's digital crimes unit, and his colleagues inserted a thumb drive into the computer made in China and Nitol immediately copied itself onto it. When the drive was inserted into a separate machine, the virus quickly copied itself onto it.

Microsoft examined thousands of samples of Nitol, which has several variants, and all of them connected to command-and-control servers associated with the 3322.org domain, run by Peng, according to the court records.

"In short, 3322.org is a major hub of illegal Internet activity, used by criminals every minute of every day to pump malware and instructions to the computers of innocent people worldwide," Microsoft said.

U.S. District Judge Gerald Bruce Lee, who is presiding in the case, granted Microsoft's request to begin steering Internet traffic from 3322.org that has been infected by Nitol and other malwares to a site called a sinkhole. From there, Microsoft alerts affected computer users to update antivirus protections and remove Nitol from their machines.

Since Lee issued the order, more than 37 million malware connections have been blocked from 3322.org, Microsoft says.

Virus found on new laptop 09/13/12 [Last modified: Thursday, September 13, 2012 8:56pm]
Photo reprints | Article reprints

Copyright: For copyright information, please check with the distributor of this item, Associated Press.
    

Join the discussion: Click to view comments, add yours

Loading...
  1. New apartment complex delivers unique floor plans



    Business

    RIVERVIEW — A new luxury apartment community has opened in the Progress Village area touting itself as a distinct living option just 10 miles from downtown Tampa.

    Alta at Magnolia Park dubs its new apartment community, that opened earlier this year in Riverview, a modern and distinct option for living just 10 miles from downtown Tampa.
  2. 'Road to Nowhere' is back: Next phase of Suncoast Parkway coming

    Roads

    Despite intense public opposition and dubious traffic projections, the Florida Department of Transportation has announced that construction of the toll road known as "Suncoast 2" is expected to start in early 2018.

    The Suncoast Parkway ends at U.S. 98 just south of Citrus County. For years residents have opposed extending the toll road, a project dubbed the "Suncoast 2" into Citrus County. But state officials recently announced that the Suncoast 2 should start construction in early 2018. [Stephen J. Coddington  |  TIMES]
  3. A sports rout on Wall Street

    Retail

    NEW YORK — Sporting goods retailers can't shake their losing streak.

  4. Grocery chain Aldi hosting hiring event in Brandon Aug. 24

    Retail

    BRANDON — German grocery chain Aldi is holding a hiring event for its Brandon store Aug. 24. It is looking to fill store associate, shift manager and manager trainee positions.

  5. Lightning owner Jeff Vinik backs film company pursuing global blockbusters

    Corporate

    TAMPA — Jeff Vinik's latest investment might be coming to a theater near you.

    Jeff Vinik, Tampa Bay Lightning owner, invested in a new movie company looking to appeal to a global audience. | [Times file photo]