Cybercriminals Turn to Supply Chain, Infect New Computers with Malware

Paul Lilly

If you think dealing with bloatware on a new OEM system is a pain in the backside, imagine buying a PC only to find out that it's infected with malware...straight from the factory! Apparently that's something PC shoppers need to be worried about these days, according to an investigation conducted by Microsoft's Digital Crimes Unit (DCU) . The investigation and subsequent sting operation, codenamed "Operation b70," found that several new systems sold in China had malicious software pre-installed.

In a blog post , Microsoft said it was granted permission to disrupt more than 500 different strains of malware with the potential for targeting millions of innocent people, which comprised the Nitol botnet. Operation b70 came as a result of a study in which Microsoft discovered cybercriminals had started infiltrating unsecure supply chains to "introduce counterfeit software with malware for the purpose of secretly infecting people's computers."

Not surprisingly, Windows was among the counterfeit software, with malware in tow. Microsoft claims that 20 percent of the PCs its researchers purchased from an unsecure supply chain had been infected.

"Making matters worse, the malware was capable of spreading like an infectious disease through devices like USB flash drives, potentially causing the victim’s family, friends and co-workers to become infected with malware when simply sharing computer files," Microsoft said.

All the more reason to roll your own rig, right?

Follow Paul on Google+ , Twitter , and Facebook

Around the web