New But Infected with Nitol

Is nothing sacred anymore? Apparently not! When you buy a brand spankin’ new computer, you expect it to be pristine. You also expect it to work perfectly and be free of any infections or viruses. But that’s no longer a given. There’s a chance that fabulous new machine you just paid several Benjamins for could be infected with malware, even before you take it out of the box and remove all the packing.

Now, this doesn’t warrant a widespread panic but it is worth a little attention, especially if you’re in the market for a new computer and you’re a bargain hunter who shops the Internet looking for a deal.

The hubbub is all about the recent report of malware called Nitol. The malicious computer code was found on brand new computers purchased in China. In a nutshell, this all came to light when a team of researchers from Microsoft’s digital crimes unit began an investigation last year. They were looking into the sale and distribution of counterfeit copies of the Windows operating system software. The team purchased twenty new computers from retailers in China. They later found the computers were all equipped with counterfeit copies of Windows. Four of the machines already had malware of some variety on them, and one contained the active Nitol infection.

Once powered up and connected to the Internet, a computer with Nitol hidden on its hard drive begins searching for other computers over the Internet. Once it finds one, the new computer instantly becomes part of a botnet, or collection of compromised computers, which is a world-wide criminal network that can attack websites, steal personal information, and take money from bank accounts. This is one of the most invasive and persistent forms of cybercrime. More details about the investigation, called Operation b70, can be viewed in a Microsoft blog post.

So, what’s one to do? Try following these tips when purchasing your new computer and you should be one step ahead of the bad guys:

  • Consider the source for your new computer hardware and software purchases. Saving a few bucks up front could cost you a lot more in the long run. It’s not worth buying from a sketchy seller.
  • Make sure you obtain the proper licensing documentation for the software (especially the operating system) that’s installed on your new computer. Don’t accept any excuses or explanations for not receiving it. Even if there’s no malware involved, without a legitimate copy of the operating system, at best you won’t get any technical support for the software and at worst, you won’t be able to activate the software at all.
  • Ensure your operating system is up to date, even on a brand new machine. Several updates may have been issued from the time the operating system was installed on your computer to when you actually use it for the first time.
  • Make sure you have an antivirus software program before you go online or, at least, make that your first order of business on the Internet. Consider an “Internet Security” program, over just an antivirus program, to ensure you also have a firewall component included. However, your Windows operating system does include a firewall, so be sure to use one or the other.
  • Check to see if your antivirus or Internet security program includes a spyware detection feature or an anti-spyware program. If it doesn’t, consider downloading one.
  • Ensure your firewall software is turned on.
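
The licensing, update, antivirus and firewall checks from the list above can be run from an elevated PowerShell window the first time a new Windows PC is switched on. This is an added example, not part of the original article; the 30-day update threshold and the variable names are assumptions.

```powershell
# First-boot checks for a new Windows PC. Run in an elevated PowerShell window.
# Assumption (not from the article): updates older than 30 days count as stale.
$maxPatchAgeDays = 30

# Licensing: the Windows entry in SoftwareLicensingProduct. LicenseStatus 1 = licensed.
$windowsAppId = '55c92734-d682-4d71-983e-d6ec3f16059f'
$lic = Get-CimInstance -ClassName SoftwareLicensingProduct `
        -Filter "ApplicationID='$windowsAppId' AND PartialProductKey IS NOT NULL" |
       Select-Object -First 1

# Updates: the most recently installed hotfix (InstalledOn can be empty on some entries).
$lastFix = Get-HotFix | Where-Object InstalledOn |
           Sort-Object InstalledOn -Descending | Select-Object -First 1

# Antivirus: products registered with Windows Security Center (client editions only).
$av = @(Get-CimInstance -Namespace 'root/SecurityCenter2' -ClassName AntiVirusProduct `
        -ErrorAction SilentlyContinue)

# Firewall: every profile (Domain, Private, Public) should be enabled.
$fwOff = @(Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' })

$report = @(
    [pscustomobject]@{
        Check  = 'Windows licence'
        Pass   = [bool]($lic -and $lic.LicenseStatus -eq 1)
        Detail = if ($lic) { "LicenseStatus=$($lic.LicenseStatus)" } else { 'no keyed product found' }
    }
    [pscustomobject]@{
        Check  = 'Recent updates'
        Pass   = [bool]($lastFix -and $lastFix.InstalledOn -gt (Get-Date).AddDays(-$maxPatchAgeDays))
        Detail = if ($lastFix) { "$($lastFix.HotFixID) on $($lastFix.InstalledOn)" } else { 'no dated hotfix' }
    }
    [pscustomobject]@{
        Check  = 'Antivirus registered'
        Pass   = ($av.Count -gt 0)
        Detail = if ($av.Count) { $av.displayName -join ', ' } else { 'none registered' }
    }
    [pscustomobject]@{
        Check  = 'Firewall enabled'
        Pass   = ($fwOff.Count -eq 0)
        Detail = if ($fwOff.Count) { "disabled: $($fwOff.Name -join ', ')" } else { 'all profiles on' }
    }
)
$report | Format-Table -AutoSize -Wrap
```

A passing licence row only reports the activation state Windows itself records, so it does not replace the licensing documentation described in the list.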

To see additional information about Nitol and botnets visit the following links:

Microsoft taking on aggressive new Nitol botnet
Microsoft takes down another botnet, Nitol

If you're looking for great anti-virus software that won't break the bank, try StopSign. You don't pay extra for tech support for difficult malware, and our web protection software just works. Download & install StopSign to find out why our members choose us over the other options.

What’s a “botnet”?

botnet (bot·net) noun A collection of software robots that’s normally associated with malicious software. Botnets are notorious for being platforms for spam distribution.

The term botnet can refer to any group of software “robots” and normally consists of a collection of compromised (“zombie”) computers running the botnet software. In most cases the PCs running the botnet software are turned into zombie computers unknowingly, usually through drive-by downloads (software that is downloaded and automatically installed through exploited browser vulnerabilities), or by software worms, Trojan horses, or other malware. Botnets are usually controlled remotely by a botmaster using a central command-and-control interface on his or her computer.

A really good botnet can be installed on a user’s machine and never arouse the user’s suspicion through the usual warning signs such as computer performance slowdowns, increased bandwidth usage, pop-ups, etc. It’s possible that a PC can be the unknowing accomplice to a number of blackhat operations, including:

  • Spam:

    By utilizing its network of zombie computers, a botnet can be a powerful spam distribution platform. Millions of spam emails are sent out by botnets every day.

  • DDoS:

    With enough infected computers, a botnet can easily launch a Distributed Denial of Service attack (flooding a website with enough bogus traffic to bring it down).

  • Spreading malware:

    A zombie PC in a botnet can be set up not only to self-propagate onto other unsuspecting computers, but also to act as a delivery system for other forms of malware (viruses, spyware, Trojans, etc.).

  • Information collection:

    Sometimes the only job of the zombies in a botnet is to collect information about the human host: what they click on, who they email, their passwords, etc.
