Trojan Found In New HDs Sold In Taiwan

Discussion in 'other security issues & news' started by Rilla927, Nov 12, 2007.

Thread Status:
Not open for further replies.
  1. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,710
    http://hardware.slashdot.org/article.pl?sid=07/11/11/2246246&threshold=-1
     
  2. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
  3. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,710
    This really blew me away when I read it.
     
  4. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Hello,
    1. Buy from a reputable vendor.
    2. Don't use autorun in Windows.
    3. Format the hard drive before use ...
    Mrk
     
  5. ASpace

    ASpace Guest

    This is the first thing I do when I buy a new flash USB drive or hard drive. First format and then use :thumb:
     
  6. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    So funny, you think that would help ..looooooooooool.. maybe you all should extend your knowledge about persistent stealth malware, stalkers talk about special boot resistance, I did not set these thoughts in the world, stalkers spread these things...
     
  7. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Hello,
    And you should also extend your knowledge. And stop spreading baseless fear.
    What does boot have to do with HD? And if I mount it externally and format it with ext3? What then?
    Mrk
     
  8. ASpace

    ASpace Guest


    Yes, I do think it will help

    You just tell me how something will survive if I completely format the drive :rolleyes:
     
    Last edited by a moderator: Nov 12, 2007
  9. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, folks:

    Trojans can be found anywhere and can originate from anywhere. The problem noted here definitely would propel existing issues (such as toys, seafood etc. recall worldwide) into a bigger black hole. But why would these trade-wise business people still rush into China, pour out MMM$ dollars investment? Are they smart? Or are we consumers vision-impaired, mind-clotted? Another bigger question: are there any more problems of this nature we do not know about? Strange world, indeed. And take care.
     
  10. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    Only repeating Mrkvonic's advice:

    1. Disable autorun
    2. Nuke the HD before use...

    /C.
     
  11. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,710
    What if it was attached to the firmware, would reformatting help?
     
  12. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    No, but that's on another level. Under normal circumstances disabling autorun and formatting is enough.

    Edit: regarding having a "bad" firmware from factory or flashed by some third party, I would then use an alternative OS.

    /C.
     
    Last edited: Nov 12, 2007
  13. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, folks:

    Nowadays, the majority of computers currently in use or on order are assembled in China; how can we protect our investment? Perhaps repeating Rilla927's question: should we sanitize a newly bought computer by going thru reformatting etc.?
     
  14. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,710
    It sure sounds to me like the Trojan is surviving after a reformat. I mean, we all need to format a drive in order to use it first, so the people that reported this had to do the same.
     
  15. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Hello,
    Most drives come formatted.
    And there could be a hidden partition on the drive that Windows might not be able to see - that's why such operations are best done in a non-MS environment.
    Mrk
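
    Added example (not part of the thread and not any poster's code): a Python reading of the MBR partition table taken straight from a raw disk image, as a live-CD tool would see it, listing entries with hidden/OEM type IDs and any unpartitioned space. The function names, the subset of type IDs and the sample disk are constructed for illustration; only the four primary MBR entries are covered, not extended partitions or GPT.

```python
import struct

# MBR type IDs conventionally used for hidden or OEM partitions (subset).
HIDDEN_TYPES = {
    0x12: "OEM diagnostic", 0x14: "hidden FAT16 <32M", 0x16: "hidden FAT16",
    0x17: "hidden NTFS/HPFS", 0x1B: "hidden FAT32", 0x1C: "hidden FAT32 LBA",
    0x1E: "hidden FAT16 LBA", 0x27: "hidden NTFS recovery", 0xDE: "Dell utility",
}

def parse_mbr(sector0):
    """Return the non-empty primary partition entries of a 512-byte MBR."""
    if len(sector0) < 512 or sector0[510:512] != b"\x55\xaa":
        raise ValueError("no MBR boot signature")
    parts = []
    for i in range(4):
        entry = sector0[446 + 16 * i: 462 + 16 * i]
        # status, CHS start (skipped), type, CHS end (skipped), LBA start, count
        status, ptype, start, count = struct.unpack("<B3xB3xII", entry)
        if ptype != 0:
            parts.append({"index": i, "type": ptype, "start": start,
                          "sectors": count, "bootable": status == 0x80,
                          "hidden": HIDDEN_TYPES.get(ptype)})
    return parts

def find_gaps(parts, total_sectors, min_gap=2048):
    """Return (start, length) runs of sectors not covered by any partition."""
    gaps, cursor = [], 1  # sector 0 holds the MBR itself
    for p in sorted(parts, key=lambda p: p["start"]):
        if p["start"] - cursor >= min_gap:
            gaps.append((cursor, p["start"] - cursor))
        cursor = max(cursor, p["start"] + p["sectors"])
    if total_sectors - cursor >= min_gap:
        gaps.append((cursor, total_sectors - cursor))
    return gaps

def make_entry(ptype, start, count, status=0):
    return struct.pack("<B3xB3xII", status, ptype, start, count)

# Constructed sample: a 1,000,000-sector disk with a visible NTFS partition,
# a hidden FAT32 partition after it, and an unpartitioned tail.
SAMPLE = (bytes(446) + make_entry(0x07, 2048, 600000, 0x80)
          + make_entry(0x1B, 602048, 100000) + bytes(32) + b"\x55\xaa")
TOTAL_SECTORS = 1_000_000

if __name__ == "__main__":
    for p in parse_mbr(SAMPLE):
        print(p["index"], hex(p["type"]), p["start"], p["sectors"], p["hidden"] or "visible")
    for start, length in find_gaps(parse_mbr(SAMPLE), TOTAL_SECTORS):
        print("unpartitioned:", start, length)
```

    On a real drive the first 512 bytes and the sector count would come from the block device, read from a live environment rather than from the installed Windows.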
     
  16. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    Absolutely. It's extremely wise, as another poster said, to NUKE completely your new HD, apply as many wipe algorithms as you feel safe with, and wipe that baby clean before formatting. I use Paragon's formatting feature and not my Win XP CD and the install breezes thru in no time flat.

    Next thing you know we'll be reading about malware embedded in Memory Modules from China. That's what they get for outsourcing their work to China. Leave it to more competent industries, there's a lot of press recently here in the USA over China tampering with everything from children's toys to other goods and it's just now being dealt with.
     
  17. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Boot from an appropriate live cd and delete any partition/s then create new/format.
     
  18. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Hello,
    I would not disparage Chinese hi-tech so offhandedly...
    Don't forget it was Sony that got their sweet rootkits onto people's CD ...
    Mrk
     
  19. clambermatic

    clambermatic Registered Member

    Joined:
    Oct 10, 2007
    Posts:
    216
    Hmm... do a 'low level' formatting (MBR involved) on a new HDD by using an OEM util. Then re-erase the empty HDD using DoD "5220-22m" standards a couple of times. Then do the final formatting using a liveCD (or freeDOS) as suggested by someone before.

    I think that should be more than adequate enough.

    With regards to PRC-based manufacturers shipping 'infected' HDDs to overseas distributors. I don't think that to be "prevalent" or government "sanctioned". These recent reports about 'trojanized' Maxtor being shipped... it may be more the case of "tit-4-tat". More so in relation to revelations of 'substandard' toys being reported by American importers.

    Would anyone believe that engineers employed in HDD manufacturing are so "naive" that embedding 'rootkits' in new-build HDDs won't be discovered?? ...C'mon, be real... :blink: that's a lot of crap!
     
  20. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Substandard o_O That's what you call a date rape drug in children's toys or high levels of poison lead paint o_O
    So you're saying the US is complaining about deadly toys being shipped from China so China in retaliation is shipping the US pre-infected hard drives..
    Man are you way off base.

    But it did/is happened/happening.
    Just read....................
    http://www.channelregister.co.uk/2007/11/12/maxtor_infected_hdd_updated/
     
  21. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,710
    You guys must know something that I don't cuz every drive I have had to reformat in order to use for the first time. What the heck am I doing wrong?

    Good point about being done in a non-MS environment. I never thought of it like that and unfortunately that's the only way I have been doing it. I guess I will have to find other alternatives.

    I just recently bought 4 Seagate drives, two 500gig in August and two 750gig in May. I changed over to a raid0 config about a week and a half ago and discovered for the first time DBAN could not wipe the drives but I don't know why. When I made the Array, you know it calculates the size of the two drives and that's what you punch in, and it couldn't make the calculated size so I had to make it smaller than what it said in order to make it work. Now I have this stupid tiny little partition that exists. This has puzzled me from the start. It's the two 500gigs that DBAN threw up the error on.
     
  22. clambermatic

    clambermatic Registered Member

    Joined:
    Oct 10, 2007
    Posts:
    216
    'loneWolf'... Indeed I do suspect it still as a 'tit-4-tat' vis-a-vis "contaminated toys exports" against "rootkitted HDDs". I have talked to my former colleagues currently based in PRC and a couple of my alumni presently associated with UMC (when this issue was fresh out)... a majority of them do lean towards my hypothetics.

    If you arranged the 'toy contamination' & the recent 'embedded HDDs' events in chronological order... they're not too far apart. C?


    It has happened, yep. SEs, CEs... they're not that "naive" as I said! It doesn't need a rocket scientist to figure it all out... more so on a 'forensic' state of mind. Embedding such, with currently existing "rootkit detection" techniques & QC process by all major freeworld-based HDD manufacturers are only attempted by a handful of bozos... unless it was meant to be a calculated risk by those instigators! ;)
     
  23. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Do you mean flash memory? Because RAM can't hold data if it isn't powered.
    This is short-sighted to say the least. Chinese people are more than capable of producing goods of high quality. In fact, lots of countries from all over the world can produce goods of higher quality and cheaper than those made in the USA. Also, it takes only a couple of quick Google searches to see that American manufacturing isn't that good. Look for news about contaminated foods or serious manufacturing flaws.
    You should point your finger at corporate greed and the so called "Wal-Mart economy".
    What about lettuce harvested in the USA and contaminated with E.coli?

    On topic: this isn't news. Apple and McDonald's have shipped infected audio players in the past.
     
    Last edited: Nov 14, 2007
  24. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, folks:

    In spite of tainted/infected merchandise coupled with public outrage, those fat/greedy corporate monsters will stay on course, nothing will persuade them to change strategies as long as the following formula remains intact:
    (Cost saving by outsourcing to third country) minus (cost sustained by doing damage control, namely product recall; apology/confession on media) equals huge profit (generous bonus payout to execs and handsome dividends distribution to stock holders). Ironically, those who complain loudly may be the receivers of corporate dividends. Strange world, people tend to eat other people. :mad:
     
  25. Dogbiscuit

    Dogbiscuit Guest

    Lucas, you make some good points. As an American and former expatriate, I understand what you're saying.

    Every nation on the planet has its strengths and weaknesses, and these also change over time. Some of us probably need to be reminded to be more sensitive to that.

    This thread also seems to be as much a discussion of politics as security or privacy.
     
    Last edited by a moderator: Nov 14, 2007