Microsoft Researchers Find New Computers with Pre-Installed ‘Nitol’ Botnet-Type Malware

Posted: September 17, 2012

You would think that the ultimate solution to any computer problems you may be having, including being infected with malware, is to purchase a new system. The unfortunate news to come from Microsoft researchers is that some new computers were found to be pre-installed with a malware threat called Nitol.

Researchers from Microsoft currently investigating counterfeit software in China were surprised to find out that new systems booted for the first time were compromised with a botnet.

If you follow our malware news updates, you may already know that a botnet threat is a piece of malware that compromises a system so that it can be instructed to perform malicious actions over the Internet.

As you are probably thinking, purchasing a new PC should be a fresh start, free from any malware infections. This, unfortunately, isn't the case for the new systems that Microsoft researchers have found in China. The researchers found malware called Nitol installed on various systems obtained by a team investigating the sale of counterfeit software. Since the discovery, Microsoft has filed a computer fraud lawsuit against a web domain registered to Chinese businessman Peng Yong. The Nitol malware comes pre-loaded on various systems, where it is able to direct the system to the malicious site 3322.org (do not visit).

Nitol was identified as a backdoor Trojan horse that is commonly distributed on new computers sold through small operations or shady PC-sale sources on the Internet. Nitol has botnet functionality, allowing an infected system to connect to remote sources where it awaits instructions once it is connected to the Internet.

Microsoft researchers believe that the 3322.org source is a major hub of malicious online activity harboring as many as 500 other types of malware. The Washington Post reports that this site is the largest single repository of malicious software ever encountered by Microsoft. With such a vast network of malware, and potentially compromised systems connected to 3322.org, new computers with Nitol pre-installed could join a massive botnet (group of compromised systems) and later be instructed to perform malicious actions without any indication to the computer user.

The new systems found to have pre-installed malware are most likely not from established vendors such as Dell, HP, Acer or Sony. The chances of getting a system with pre-installed malware increase greatly if the computer is obtained from a knock-off major-brand PC vendor or customized systems from a bargain shop over the Internet.

The lesson in this discovery by Microsoft researchers should resonate with any consumer who purchases a new computer. Do not assume that just because the system is brand new, it is completely free from malware. Although it is very rare that a new computer has pre-installed malware, the possibility increases as you venture outside of trusted sources for purchasing your new computer. Sometimes a bargain PC may not be such a good deal if it is found to be infected with malware.