October 9th, 2008
Asus ships Eee Box PCs with malware
Asus has confirmed and apologized to customers (press release in Japanese; translated version) for shipping malware on the recently introduced Eee Box desktop computer :
“According to an email sent out by Asus, PC Advisor reports, the Eee Box’s 80GB hard drive has the recycled.exe virus files hidden in the drive’s D: partition. When the drive is opened, the virus activates and attempts to infect the C: drive and an removable drives connected to the system. According to Symantec, the malware is likely to be the W32/Usbalex worm, which creates an autorun.inf file to trigger recycled.exe from D:. Separately, we’ve been testing the Eee Box this week, and discovered our review unit came loaded with the W32/Taterf worm - aka W32.Gammima.AG, aka kavo.exe malware that sniffs out online gaming usernames and passwords.
Which models are known to carry the malware according to Asus?
The company has already managed to identify the following models with associated UPC codes :
Model number: EEEBOXB202-B; UPC code: 610839761807
Model number: EEEBOXB202-W; UPC code: 610839761814
Model number: EBXB202BLK/VW161D; UPC code: 610839530526
Model number: EBXB202WHT/VW161D-W; UPC code: 610839531202
Model number: EBXB202BLK/VK191T; UPC code: 610839547753
In addition to last month’s Asus fiasco when they accidentally shipped cracking tools and confidential documents on recovery DVDs, the company is among the increasing number of companies that have shipped malware on their products during the last couple of years - Apple (2006), TomTom (2007), Seagate (2007), and HP (2008).
Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog. See his full profile and disclosure of his industry affiliations.
Subscribe to Zero Day via Email alerts or RSS.
