Print
Seagate, which owns Maxtor, reported today that Maxtor Basics Personal Storage 3200 hard disks produced since August 2007 may be infected with Virus.Win32.AutoRun.ah. This virus, which Symantec calls W32.Drom, and McAfee calls PWS-LegMir (see the notification page for a complete list of aliases), searches for online game passwords and sends them to a China-based server, and knocks your existing antivirus program out of action.
[Update: Paul Ferguson, a researcher for Trend Micro, has determined that the servers are actually located in Dallas, TX and Korea, according to Robert McMillan of IDG News Service]
Most of the affected games are Chinese, but one big exception is World of Warcraft. Ouch!
Seagate says that most major antivirus vendors have issued updates to stop the virus. However, if you've been lazy about updating your antivirus, or just plain don't have an antivirus program, Seagate and Kapersky Labs, which first alerted Seagate, have teamed up to offer you a 60-day trial of Kapersky's Anti-Virus 7.0, which you can download from the product notification page. Here's a direct link to the US English version.
Hey, it could be worse - and maybe it is. According to the Taipei Times, some Maxtor Basics 500GB hard disks sold in Taiwan contain two Trojan Horse viruses that send "any information saved on the computer" to Chinese websites www.nice8.org and www.we168.org.
Authorities in Taiwan believe this incident may be an attempt by the mainland Chinese government to perform cyberespionage. About 1,800 drives were affected, but only 300 were sold before the products were pulled from store shelves. In a follow-up, the Taipei Times reported that Seagate has determined that the infections originated with a China-based subcontractor.
Wondering if this is an isolated case? Wondering what you should do to protect yourself? Read on...
Comments are closed on this article
Shalbatana
November 13, 2007 at 1:00pm
I once had a windows issue where I had a DoS virus. So I re-installed Windows (formatting and all).... didn't work. I finally did what is wrongly called a "low-level" format, and all worked well. So don't tell us there's no such thing as a virus that can get that deep.
Onto my rant: I think it's pitiful that you can't even trust "pristine" hardware and software these days. I wonder if I can trust the graphics card I just installed...hhmmmmm where was it made?
This is getting out of control, the US needs to start sanctioning China until they crack down on these knock-off, low-life, lead-tainting, patent infringing subcontractors. Now don't call me names. It's not a specific people I'm upset with. It's the lack of enforced ethical business code that has gone rampant in many manufacturers there. Now why is it unchecked? Because it's good for China's economy.
Anyone know of a site that lists where computer companies products are made and/or assembled?
There's no time like the future.
Marcus_Soperus
November 13, 2007 at 2:08pm
The Alibaba.com website's a useful place to start finding out where some computer products (mostly 'white box' components, it appears) come from: http://www.alibaba.com/catalogs/7/Computer_Hardware_Software.html
However, you're probably better off looking at the label on the product itself. If you're planning to order something through a catalog or online, send an email requesting country of origin info before you order.
I've been trying to avoid Chinese-made products (I prefer Taiwan, or as we used to call it, the Republic of China, Singapore, Thailand, and the good ol' USA), but it's not easy. In many cases, there aren't any alternatives. Fortunately, a lot of hard disks are being built in countries other than China.
-----------------------------------
It's amazing how illogical a business built on binary logic can be.
Otaku16
November 13, 2007 at 4:39pm
I’ve always made it a policy to format new drives.. The extra hour of time could save days if not weeks of restoring if the partition is bunk OTB. And with this there is more of a reason to do so.
If I were to say who should be held responsible for this i would say both. China for not checking the drives they sent out and Seagate for not following up with the reports they were getting to see if it was a valid issue.
As for that rep.. I personally do not know anyone who works on computers who doesn't know what a boot sector virus is and what it can do.. So to me that guy sounds like a suit tring to do damage control. Rather then someone that knew what was going on.. I’m sure there was a lot of techs out there that did a head slap or got at least a good chuckle out of it after they read that.
Finaly it does not surprise me that there targeting wow accounts. I've seen sites that sell 1000 gold for $110+/-(depending on the server). Why bother stealing credit card numbers when people are more than willing give you there money.. If people didn't buy it. It wouldn't be sold in the first place.. And this would never have happend.
In the end, Antiviruses will be patched (if they haven't already), boot sectors will be fixed, and this will all be swept under the rug and forgotten like a lot of things are now a days.
IMO
Steve J. L.
HeartBurnKid
November 12, 2007 at 4:53pm
Quite frankly, if the company honestly believes that there's no such things as MBR viruses, then they're idiots and incompetent to manufacture hard drives. If they're just saying that in an attempt at damage control, then they are maliciously lying and putting their customers at risk. Either way, quite frankly, they shouldn't be in this business.
soggybomb
November 12, 2007 at 3:55pm
It was a Diamondmax 10, and its arm stopped working, causing me a loss of a year of data.
