(The Hosting News) – When tech giant Microsoft’s Digital Crimes Unit purchased twenty computers from Chinese retailers, it was in for what some may consider a surprise.
Four of the systems were already running malware. One of them actually contained active malware known as Nitol that was attempting to route stolen data to a C&C server.
Nitol is notable for its emphasis on infiltrating a user’s financial data, a key concern of any system owner.
It’s an alarming case of a new tactic cyber criminals could be using in their fight to rip off online users. Microsoft then used that information to expand its investigation, receiving approval from a U.S. District Court to pursue the cyber thieves further.
So how could things get to the point where malware was infecting computers before they actually got into the hands of consumers? “A supply chain between a manufacturer and a consumer becomes unsecure when a distributor or reseller receives or sells products from unknown or unauthorized sources. In Operation b70, we discovered that retailers were selling computers loaded with counterfeit versions of Windows software embedded with harmful malware,” commented Microsoft in a blog post.
Nitol’s history goes back pretty far. As a botnet, it has been active for around four years, with Microsoft tracing a domain from 2008 harboring its activity. Another notable feature of the malware is that it is capable of launching DDoS attacks. Microsoft’s Digital Crimes Unit has worked on malware issues in the past. Earlier this year, in March, the company worked to help shut down the Zeus botnet.