Microsoft discovers 20% infection rate in new pre-installed PCs from distributors

Many people complain that their new Windows PC is slow or shows signs of infection, even when they have not installed any new software. The reasons for this could well be different!


Microsoft’s Digital Crime Unit (DCU) has conducted a research study to find out how much of the counterfeit software available comes pre-loaded with malware. The researchers purchased 20 new Windows PCs from stores, each pre-installed with counterfeit software by the vendor, and examined them.

To their surprise, they found that 4 of the 20 new PCs were infected with malware, that is, a 20% infection rate. The malware was capable of carrying out DDoS attacks, creating hidden access points, key-logging and stealing data.

One of the malware samples attempted to connect the PC to the control servers of a known botnet, Nitol. The study also revealed that the builders of this botnet were infecting digital products and distributing them through sellers from unauthorized or unknown sources, making it an unsecure supply chain. Nearly 500 different pieces of malware were found to be linked to this botnet's command and control servers. Some of this malware can also access the webcams and microphones of infected PCs. It also allowed criminals to steal personal information such as e-mail accounts, social network accounts and online bank accounts.

The Digital Crime Unit has taken legal action to disrupt the malware hosted in the subdomains. The subdomains that hosted the botnet’s command and control servers were linked to more than 500 different types of malware.

As part of Operation b70, Microsoft was fully successful in disrupting the emerging Nitol botnet being spread through this unsecure supply chain.

Roger Dunning is a technology evangelist. He lives in New York with his wife and pet dog. You can find him 24×7 on the Internet.
