From brand new laptop to infected by pressing 'on'

Discussion in 'malware problems & news' started by lotuseclat79, Sep 13, 2012.

Thread Status:
Not open for further replies.
  1. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,095
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,729
    Location:
    Texas
    Microsoft Disrupts the Emerging Nitol Botnet Being Spread through an Unsecure Supply

    https://blogs.technet.com/b/microso...an-unsecure-supply-chain.aspx?Redirected=true
     
  3. danleonida

    danleonida Registered Member

    Joined:
    Aug 27, 2012
    Posts:
    30
    Location:
    Vancouver, B.C., Canada
    Hm! An interesting article, indeed! Thx.

    It mentions the origin of the malware as 3322.org in China. So I looked it up: http://whois.domaintools.com/3322.org

    ...and found this:

    "Name Server:NS3.MICROSOFTINTERNETSAFETY.NET
    Name Server:NS4.MICROSOFTINTERNETSAFETY.NET"

    I'm a bit concerned about MS -- of all companies -- getting/being involved in Internet security. Their track record is not exactly 'stellar' in this respect! OK! I'm not 'a bit', I'm 'a lot' concerned about MS in the security field!

    Any thoughts, anyone?
     
  4. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    I looked 3322.org up as well and it wasn't MS; see insert

    IP Addresses Report

    Created by using IPNetInfo

    Order: 1
    IP Address: 61.160.239.28
    Country: China
    Network Name: CHINANET-JS
    Owner Name: CHINANET jiangsu province network
    From IP: 61.160.0.0
    To IP: 61.160.255.255
    Contact Name: Chinanet Hostmaster
    Address: No.31 jingrong street, beijing, 100032
    Email: anti-spam@ns.chinanet.cn.net
    Abuse Email: abuse@jsinfo.net
    Whois Source: APNIC
    Host Name: 3322.org
    Resolved Name:
     
  5. danleonida

    danleonida Registered Member

    Joined:
    Aug 27, 2012
    Posts:
    30
    Location:
    Vancouver, B.C., Canada
    Just the name server I found was MS. Here's something else I found. It's a map and MS shows up not two, but three times. If I only knew what it all meant!!

    http://www.robtex.com/dns/3322.org.html#graph

    [Edit.1] You have to click the 'Graph' link at top-of-screen.[/Edit.1]

    [Edit.2] Just for fun: http://www.robtex.com/dns/google.com.html#graph only I still don't know what it all means. ;o) [/Edit.2]
     
    Last edited: Sep 13, 2012
  6. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Microsoft finds malware hidden in new computers in China

    Microsoft made this statement
     
  7. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,924
    Location:
    U.S.A.
    Merged Threads.
     
  8. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  9. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses

    It doesn't matter much where the DNS translator system lives as long as it gives you the correct country and range of IP addresses for the site.

    There is no doubt the site is in China.

    For me personally, I block the whole country. That way when the bad guys move to another rogue server in China I'm still blocking them.
     
  10. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,984
    Location:
    Canada
    Sure. Any new pc pre-loaded with Windows should be wiped and re-installed. This would not only eliminate possible malware, but also all the crapware that gets installed by vendors such as HP or Sony, to name a few.

    There's also, depending upon one's needs, Linux as a possible option. Ubuntu 12.04 is really nice :)
     
  11. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,416

    Agreed. Wipe new laptops ALWAYS. You don't know what's been put on there by the time it finished the production line and you receive it. The amount of bloatware and crap put on laptops these days is huge; seriously, get rid of the crap.
     
  12. jo3blac1

    jo3blac1 Registered Member

    Joined:
    Sep 15, 2012
    Posts:
    739
    Location:
    U.S.
    Yeah, but while for most of us doing this is not too difficult, 99% of other people may find this too technical.
     
  13. adrenaline7

    adrenaline7 Registered Member

    Joined:
    Apr 27, 2011
    Posts:
    128
    interesting
     
  14. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,984
    Location:
    Canada
    You're right, it's not a "mainstream" thought process. Most people who buy a laptop are thinking nothing more than antivirus when it comes to security.
     
  15. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,924
    Location:
    U.S.A.
     
  16. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Microsoft Reaches Settlement with Defendants in Nitol Case
    Article.

    Also see:
    Microsoft Hands Off Nitol Botnet Sinkhole Operation To Chinese CERT
     
  17. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,416
    It needs to change then; you can only trust software you get from a well-respected, uncompromised source you download yourself.
     
  18. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Bingo.
    Mrk
     
  19. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,273
    I don't think you get a pure-Windows installation disk when you buy a computer. Normally, these days, it's some sort of recovery CD or partition which includes all the trash.
    So while a great idea, it's not practical.
     
  20. It doesn't help that the end-user version of Windows has gone from being licensed for 3 machines (Windows XP Home) to being licensed for one and only one (Windows 7 Home Premium). The "family pack" version doesn't cost a whole lot more, but that still puts a bit of a damper on the idea of wiping the disks and installing the unadulterated MS version.
     
  21. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,416
    Most laptops come with a recovery partition. This usually has crap like Adobe Reader 8 and other security holes like an outdated browser or Flash.
     
  22. The GLoW

    The GLoW Registered Member

    Joined:
    Sep 9, 2012
    Posts:
    22
    Location:
    USA
    When I get a new PC, Adobe is the first thing I delete.

    I'm also very discerning about what I put on it, abiding by the "less is more" route for all software.

    I'm not sure, though, that I can yet wrap my head around the idea of making the first action be reinstalling the OS. It would have to be way more practical than it is now. Easier to check out the system thoroughly in the first few days and if it is suspect, do an exchange ASAP with the vendor.
     
  23. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,095
    It depends on whom you buy your computer from. In my case, a local PC shop always delivers all installation disks with the computer as they are an approved vendor.

    -- Tom
     