6 replies to this topic

[LEN]

Is it common to find new "china" hardware carrying spyware and trojan horses?
The worry is how we are being infiltrated.
Does anyone know a UK Security Agency monitoring this?

[JeanInMontana]

Hi LEN and welcome to Malwarebytes. Can you be a bit more specific? What do you mean by new "china" hardware? China the country is a known area of the world to be heavily involved in all sorts of avenues of infection. It is certainly not alone in this distinction. More details are needed to give an intelligent and comprehensive reply.

[LEN]

JeanInMontana, on Sep 5 2008, 06:38 PM, said:

Hi LEN and welcome to Malwarebytes. Can you be a bit more specific? What do you mean by new "china" hardware? China the country is a known area of the world to be heavily involved in all sorts of avenues of infection. It is certainly not alone in this distinction. More details are needed to give an intelligent and comprehensive reply.

10 spyware items and 2 Trojan Horses identified by AVG were traced back to the driver CD shipped with a newly purchased "cheap" 1G MP3/4 player carrying no makers name. but browsing suggests these are of chinese origin and the term China Player is used

[sho-dan]

Hello Len

This type of hardware/software infection is not common, but there're instances they get pass through the quanlty control inspections of said manufacturers either intentionally or by oversight.(using third party manufacturers)
Early this year, a couple of major manufacturers had this problem of infected hardware.

[EliteKiller]

It's also possible that they are FP's. Run them thru VirusTotal or Virscan.org and post the logs.

[nosirrah]

LEN, on Sep 6 2008, 08:22 AM, said:

10 spyware items and 2 Trojan Horses identified by AVG were traced back to the driver CD shipped with a newly purchased "cheap" 1G MP3/4 player carrying no makers name. but browsing suggests these are of chinese origin and the term China Player is used

There have been cases where infected CD production PCs created infected CDs , I think McDonalds had this happen to them once with some sort of prmotional CD that was made over seas .

There are also cross platform worms that can infect both PC and mobile device . In most cases it some sort of autorun.inf file that the PC reads when the device is connected that tells the PC what files to autorun . CDs and flash drives work this way as well to auto-infect .

[exile360]

I heard some freaky stuff about rootkits that could infect the bios of your motherboard a while back as well as others that could infect the bios of your video card. Detecting those types must be near impossible, much less removing them, at least without flashing it to overwrite the rootkit. Of course, those types would be very specific to the actual board you're using so infection would be unlikely, unless there were some kind of generic version that could infect any board using an award bios or something similar.