Dell blames staff for malware infection Dell said human error was to blame for mistakes which led it to ship a number of replacement server motherboards to customers pre-loaded with spyware. The company declined to say whether it was running anti-virus software at its factory but said it had taken 16 steps to improve processes. The infection hit replacement …
What chance do we stand if new hardware arrives pre loaded with viruses?
Also, it appears from the article that Dell is hardly being very forthcoming about how this happened.
Perhaps they need to take a leaf from Apple on how to handle P.R.
On second thoughts, perhaps not...
W32.Spybot.Worm is a detection for a family of worms that spreads using the Kazaa file-sharing network and mIR ..
"The worm was discovered in flash storage on the motherboard during Dell testing. The malware does not reside in the firmware,"
http://en.community.dell.com/support-forums/servers/f/956/t/19339458.aspx
This post has been deleted by its author
borrowed the USB drive that normally sits on the automated system recording device to move some music files on his personal laptop, then put it back in the system. The automated system, being standalone and only used to burn the data to the flash drive as part of the refurb process wouldn't even need to be running Windows. Could be a linux or BSD device that copies the data from the drive to the USB to the flash. In the air gap case it certainly shouldn't need AV since the USBs should be scanned before being inserted into the device.
Of course, it could also be a Windows system since Dell probably gets them almost free from MS. But it wouldn't have to be.
presumably, since these were replacement motherboards, thus being installed in established systems, the spyware really should've had no effect on anything, since every IT admin worldwide is a knowledgeable and responsible individual and would never run a windows system without malware protection...
You think its bad now, just wait until people find out that several of these boards made their way into SCADA systems.
Maybe the whole 2012 thing is actually a variant of the Y2K bug, but with an embedded BIOS worm with a date trigger of 21st December 2012.. imagine the chaos when 100M windows machines nuke their hard disk firmwares on the stroke of midnight.
AC, because there won't be any on 21-12-2012....
Dell contracts most of this work out. These contractors strip the good parts off of warranty returns. The motherboard bios is brought up to date if necessary. The virus found its way into a bios binary on one or more of the updater systems.
Still an unforgivable sin, but rest assured quality control is much tighter at Dell's factories.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
