View Full Version : Another fine chinese product... spyware built-in

J Tiers
02-17-2008, 11:10 AM
Absolutely great......... pre-loaded spyware in chinese products.........


02-17-2008, 12:49 PM
I must remember not to connect my chinese lathe to the PC .....

02-17-2008, 05:56 PM
Thanks JT.

Yes it is quite a worry.

Brilliant concept though.

It just had to happen.

I wonder just how long it has been about and how far it has gone so far.

The virus, which Computer Associates calls Mocmex, recognizes and blocks antivirus protection from more than 100 security vendors, as well as the security and firewall built into Microsoft Windows. It downloads files from remote locations and hides files, which it names randomly, on any PC it infects, making itself very difficult to remove. It spreads by hiding itself on photo frames and any other portable storage device that happens to be plugged into an infected PC.

I would bet that other portable storage device that happens to be plugged into an infected PC includes the "plug-in chip" that so many seem to wear as a fashion item around their neck.

If not - why not?

And if infected, how many computers will that chip (forget the name) be plugged into in a day, a week?

It could even include digital camera chips - and that leads to those photo-printing machines that are in every shopping centre.

And what about an infected computer on a net-work - and not just at work either, as it might be more likely that the home network will be a source of infection.

I wonder how many "well funded" organisations have had that very thing for quite a while and kept it quiet?

Who is to say that Government agencies have not got or used it?

So far nothing had been said to indicate that it is "in the wild" so it seems that a lot of resources have been used to develop it and keep it "under wraps".

02-17-2008, 07:33 PM
I find it remarkable that with the exception of Computer Associates (CA) that none of the other AV vendors or expert Commentators (from the "Commentariat"?) have even mentioned this, nor have government Agencies - that I am aware of. I would think it extra-ordinary that none or these specialists have commented on or knew/know about it and that none have refuted the report either - or, again, not that I have heard or read about.

I wonder - if it is true - just how long it has been "about" and how far it has gone.

As before, I think the concept is brilliant. If it has been widely distributed with so little comment, the distribution has been extra-ordinarily well planned and implemented/executed.

I be interested to see just where (and who?) this thread leads to.

02-17-2008, 08:23 PM
We're sending the Chinese Marlboro cigarettes, foods with trans fats, 80's sitcoms, and the idea of wearing jeans with the waist slid down to their knees. If this is Spy vs Spy I think we're ahead.:cool:

J Tiers
02-17-2008, 09:04 PM
It may be part of the well known but underpublicised "botnet" system.... sometimes known as the "storm botnet", apparently from one of the prior distribution means for a co-ordinated system of "bot" computers which is said (by folks who should know) to have the capability to attack those who attempt to crack it.

it hasn't been made clear if the folks behind any of this are criminals (organized crime) or governments.

The lack of publicity could be from it being not very important, OR from it being so important that it is felt that the public needs to be "protected" from the knowledge, along the lines of the now-released NASA report on air travel hazards.

If I were a terrorist, I would forget about explosives, and concentrate on cyber-terrorism concentrated on financial transactions. It has the capability to be far more destructive, and also can pay for itself, with handsome profits on top of that, in the interim before the system is no longer trusted.

Apparently we have exported crime as well as damaging products.

02-17-2008, 09:27 PM
Everybody and his dog seems to have one of those "thumb drives"?? either around their neck, on their desk, in their brief case or on their desk - not to mention their children.

It really is amazing how accepted it seems to be that you can plug your drive into the USB port of someone else's computer and get on with what you "need to do". And then of course you plug it into your own office or home - often net-worked - computer/s.

Many of us have good to excellent awareness of the "problem/s" with the "net" and have the soft-ware and procedure to ("sort of"?) "deal with it".

The ubiquitous thumb drive just "goes in" and "does its thing" more often that not without any AV etc. check being done at all. I wonder how many actually "scan" and/or format those drives before using them.

The same goes for chips in a video/still digital camera. I used them as "portable drives" for data for quite a while before I bought a thumb drive.

I have been amazed at meetings how often people up and down-load information and "good stuff" between computers with-out even considering the transfer of "bad stuff" - and how easy it is.

Paul Alciatore
02-18-2008, 01:57 AM
I have two questions. First, what are the "digital photo frames" they are talking about. I must have missed something.

Second, is this for real? It seems like most of the really bad malware we are warned about is really just a hoax on the part of the persons spreading the word.

Honestly, I think the internet is out of control. What we need is real tracability. By the users, not the computer pros. Everything transmitted on the internet should be tracable to a real person at a real street address with a real phone number. Any internet service provider or hub that does not require that kind of real accountability should be disconnected until they do. And not just for future traffic, but for the past offending traffic also. At least all of it from now on. Yes, I know it will never happen. But it would be nice if we could show up on their front porch with a shotgun or sue them in court for our financial losses.

Same thing for telemarketers. They should be required to disclose their real names, addresses and phone numbers; both work and home. We could then call them back at a time of our choice to discuss the items they are selling. Like 3 AM.

02-18-2008, 02:19 AM
Another reason to use Mac OS.

02-18-2008, 02:40 AM
Makes me wonder what my microwave and refrigerator talk about when I'm at work.

02-18-2008, 07:25 AM
It may be news but it certainly isn't a first. Microsoft distributed a virus with pre release beta test versions of Windows XP.

More significant, a few years ago HP distributed a virus on the driver disks for several of their printer products.

I have also seen an instance of a major bank distributing a virus to their customers on disks used for customer billing information. I was the one that alerted the particular bank to that issue and they eventually admitted to me that it was due to an employee not doing their job scanning incoming data.

J Tiers
02-18-2008, 08:04 AM
Digital photo frames are silly semi-computer devices that store photos, and display them on a built-in screen. A sort of special-purpose computer.

They make a little sense, since all granny has to do is push a button and the photos are available for viewing, "no fussing with complicated computers". They also sit on your desk etc, and run through all the pics of the kids, etc...... as they eat batteries.

Obviously, you plug them in and load from the computer, hence the issue at hand.

I have actually seen one of these things, once. But Apparently they ARE reasonably popular.

I would suppose that the real problem is NOT the fact that a few of these stupid things are polluted with a password and account-number grabbing trojan horse program.

The real problem is more along the lines of what Oldtiffie suggested, what ELSE is going to automatically inject a program that will collect the information required to allow thieves to empty accounts, disrupt commerce, etc?

And, what are the social implications of such an attack if wide-spread? CAN an open society protect itself, or is the only answer a controlled society, either an open dictatorship, or a de-facto "papers please" type nominally open, but really restrictive society?

Paul Alciatore
02-18-2008, 08:43 AM

Thanks for the explanation. I've seen them at stores but didn't associate the name.

No, we don't need a more restrictive society, we need a more open one where everyone knows what is going on in thier own computers. "Everyone" = you and I and grandma, not just computer types. When everyone knows who (real name, real address, real phone number) is taking advantage of them, then things will get better.

02-18-2008, 09:17 AM
If you are concerned about this particular type of threat then just hold down the shift key when plugging in a device for the first time. That disables the autoplay function. Then you can scan the device with a virus checker.

Pete H
02-18-2008, 10:41 AM
HAH!! That may explain why, when I tried to re-install my HP printer, using the original disk, I got a popup that said "Windows XP has terminated the installation because the driver is known to harm the operating system".

Needless to say, that was the start of a three-week dialogue with Subhidar in Mumbai about why the dang thing was misbehaving.

Pete in NJ

J Tiers
02-18-2008, 06:41 PM

No, we don't need a more restrictive society, we need a more open one where everyone knows what is going on in thier own computers.

What people "need", what they WANT, and what they GET are different things.

I had a startling discussion with an extreme liberal over the weekend. She had got back recently from several months in Singapore, which as you know is a very restrictive and controlled society.

SHE LIKED IT THERE. She said it had a lot to recommend it, "everything worked" (public transport, parks, safe streets, etc).

This is the sort of person who describes any republican or dissenting democrat as either misguided or a danger to society.... who considers caning (a punishment in Singapore) to be inhuman treatment, and who does not believe in disciplining children.

She described it in glowing terms, with a few obligatory "yes but" comments about the inadvisability of criticizing the government or committing crimes (drug dealers are dead soon when caught, etc). "But after all those are things people shouldn't do anyway".

She might vote such a government in right here at home, if it promised that 'everything would work and the streets would be safe".

That's why I made the comment