According to Microsoft, a new tendency has arisen in cyber-crime: to install viruses into computers as they are being constructed on production lines.
In their study, the software giant Microsoft found that several new computers contained malware and that the malicious code had been installed in the factory where the computers were constructed. According to The Register, most of the computers investigated were manufactured in China.
Due to its concerns about the rate of computer infection, Microsoft set up an investigation called Operation b70, which is part of the wider Project MARS (Microsoft Active Response for Security). The most common virus found was called Nitol. This virus functions to steal personal details such as the computer user’s bank account information.
In its analysis, according to The Inquirer, Microsoft considers that many of the supply-chains operated by PC manufacturers are insecure. The weakest link was due to Chinese PC manufacturers installing counterfeit software, which was infected with viruses. This led to computers being shipped straight from the factory with the dangerous codes inbuilt into their operating systems.
Microsoft also found that the installing of viruses like Nitol was part of a complex cyber crime operation, relating to a known group who have been operating for several years. The group operate out of a web domain called 3322.org.
In a Microsoft blog, Richard Boscovich, a lawyer in Microsoft's digital crimes unit, stated:
“We found malware capable of remotely turning on an infected computer's microphone and video camera, potentially giving a cyber-criminal eyes and ears into a victim's home or business.”
Microsoft are seeking permission from the US courts (US District Court for the Eastern District of Virginia) to act against the group they believe to be behind the Nitol virus by inactivating the web domains that the company thinks are being operated by the criminal groups.