Friday, 12 August 2011

Warning - ALDI External 4-in-1 Hard Drive Contains Built In Malware

Circulating warnings claim that a 4-in-1 Hard Drive device sold at Australian ALDI stores contains malware.

Brief Analysis
The claims in the warnings are true. AusCERT and other reliable sources have confirmed that an old version of the Conficker malware is installed on the ALDI External 4-in-1 Hard Drive devices. ALDI has reportedly now withdrawn the devices.

 Detailed analysis and references below example.

Scroll down to submit comments
Last updated: 2nd August 2011
First published: 2nd August 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

Example Subject: Aldi Computer device warning


ALDI External 4-in-1 Hard Drive, DVD, USB and Card Reader Device $99

Reads and writes both CD and DVD Pre-installed 320GB hard drive
Built-in USB hub and card reader Perfect for notebooks Plug and play

This device contains malware. One of ALDI?s special buys from Thursday 28 July.

Device can steal data from computer systems and enable remote access to the attached computer system.

Ensure your computer?s anti-virus software is up to date.

Detailed Analysis
Warnings that are currently circulating via email and social media claim that a Hard Drive device sold by Aldi stores in Australia contains malware. One such circulating warning takes the form of a Queensland Police Intelligence Bulletin originally intended for internal police use only. According to the warnings, the "ALDI External 4-in-1 Hard Drive, DVD, USB and Card Reader Device" comes with malware already installed that can steal information from attached computers and allow third parties remote access.

The claims in the warnings are true. On July 28, 2011, The Australian Government Stay Smart Online Alert service published an alert about the issue which notes:

Aldi stores are currently selling an External 4-in-1 Hard Drive, DVD, USB and Card Reader which may contain malware. If infected, your personal and/or business information may be accessed for fraudulent or illegal purposes (eg, identity theft).
The Australian Computer Emergency Response Team (AusCERT) has also published an alert about the devices. According to AusCERT, the devices contain an old variant of the notorious Conficker malware which was first launched back in 2008. Given its age, most up-to-date antivirus scanners should be able to detect and deal with this threat.

If you have bought and used one of these devices, you may wish to format the hard drive on the device and conduct a full virus scan of your system. Alternatively, return the device to ALDI. ALDI has now issued a voluntary public recall of the devices, although, at the time of writing, the devices were still being promoted via the company's website.

The malware was probably installed unintentionally on the hard drives via infected computers in the factory where the devices were produced.



No comments:

Post a Comment