RLSLOG is for sale
Warning! Do not download before hiding your IP with a VPN!
Your IP Address is .   Location is
Your Internet Provider can see what you are downloading!  Hide your IP ADDRESS with a VPN!
We strongly recommend using a reliable VPN client to hide yourself on the Internet. It's just $2.91/month!
Hide me now!
Releaselog

Malware preinstalled on new hard drives

The Taipei Times is reporting that around 1,800 new 300GB and 500GB external hard drives manufactured by Maxtor shipped with malware on them. What makes this story even more interesting is that Taiwanese authorities suspected that Chinese authorities were involved.

“The bureau said that hard discs with such a large capacity are usually used by government agencies to store databases and other information. Sensitive information may have already been intercepted by Beijing through the two Web sites. That the method of attack was unusual, adding that it suspected Chinese authorities were involved. In recent years, the Chinese government has run an aggressive spying program relying on information technology and the Internet. This was the first time it had found that Trojan horse viruses had been placed on hard discs before they even reach the market.”

Now I’m not a security expert or anything like that, but doesn’t everyone format the hard drive before you install your OS on it? Of course you can use it just like storage device, and in that case something like that would be probably possible…

Source: Cnet

Comments

Feel free to post your Malware preinstalled on new hard drives torrent, subtitles, samples, free download, quality, NFO, rapidshare, depositfiles, uploaded.net, rapidgator, filefactory, netload, crack, serial, keygen, requirements or whatever-related comments here. Don't be rude (permban), use only English, don't go offtopic and read FAQ before asking a question. Owners of this website aren't responsible for content of comments.
  1. NuZZ
    November 17th, 2007 | 11:30

    Yeah um, what the hell?
    I would format my new HDD even if it were a storage device.

    But still, what the hell?

  2. vertti
    November 17th, 2007 | 11:34

    Probably many people that buy external harddrives don’t even know what formatting is. Typically external drives come preformatted.

  3. Chewie
    November 17th, 2007 | 11:34

    I just bought a new maxtor harddrive lol.

    But I formatted it.

  4. Dominik
    November 17th, 2007 | 11:43

    I even format flash drives, without looking, when they come pre loaded with mostly crappy shareware games.

    in the past, there were pressed CDs with viruses on them. got your game, and a bonus virus. :D

  5. Perunasalaatti
    November 17th, 2007 | 11:45

    Got 250GB Maxtor, about few years old…But I can’t remember if I formatted it or not… =P But I’ve got it in NTFS-format so don’t know if external drives in those days were already on it. Been thinking about getting a 500GB drive and if I do get it…DAMN! I will sure as heck format it from now on rofl.

  6. ...
    November 17th, 2007 | 11:47

    The bureau said, the bureau said….. The bureau said, the bureau said what a boring read that extract was.

  7. mupet0000
    November 17th, 2007 | 11:52

    Ahh, i have a 500GB and i have NOT formatted it EVER. Its about a year old.

    Im actually buying another one so ill format that one.

  8. bewb
    November 17th, 2007 | 11:56

    Re-formatting a hard-drive does not make it clean.

    Files can still be recovered. If you want it brand-new clean, from the manufacturer [not Maxtor's, obviously :P ]. Download WipeDrive PRO and follow the instructions.

  9. x3m
    November 17th, 2007 | 12:13

    What about viruses that infect MBR ? (master boot record)
    I remember one very old virus called Kaczor that was doing this and it didn’t helped even if you formated the HDD.

    So I guess it was something like that.

    Well guys don’t just format HDD :)
    I think you should also use some utilz to wipe the Boot Sector and MBR ;)

    I personally use only Hitachi (IBM) drives

  10. hmm
    November 17th, 2007 | 12:14

    can’t exactly say that a news source from taiwan is likely to be neutral towards china… but then, this doesn’t sound too unlikely either

  11. x3m
    November 17th, 2007 | 12:21

    Oh, btw: even better idea is to hide it in the Drive firmware.
    Which antivirus is checking firmware of the drives ?!
    So no formating or wiping helps in this case.

  12. bleh
    November 17th, 2007 | 12:34

    to Ozzy: so what? the only way to get rid of piracy is to get the rls grps, not ppl who dl and spread, that’s only the afthermath ;P

  13. bleh
    November 17th, 2007 | 12:35

    umm, lol, where did my post go?

  14. erok713
    November 17th, 2007 | 13:23

    The Chinese are not good people.

  15. argh
    November 17th, 2007 | 13:33

    The Chinese are not good people.

    Is that a sweeping generalisation, born of prejudice? Just wondering.

  16. Kommu
    November 17th, 2007 | 13:43

    About time China got nuked!

  17. mr æ
    November 17th, 2007 | 13:48

    On what basis would anyone here be scared if the chinese
    saw what u were on to on the net.and even if it was hidden in bootsector/firmware a prober virus/firewall prog would detect any strange traffic on ur connection???
    heck the chinaman dont scare me,i think the country and its
    population is to big for any kind of proper administration,
    but thats another story,point is they are just as good/bad as any of us.and 1500 hd’s sounds more like internal marked to me.

  18. Dr Falken
    November 17th, 2007 | 13:53

    i found 2 illegal immigrants inside my new hard drive – i was furious! but i decided to keep them – they now take care of my garden and cooking – and it only costs me a cup of rice a day.

  19. psshhh
    November 17th, 2007 | 14:40

    you didnt get rid of all of them martin, nuking china? paying immigrants with rice?

    come on, those are biggoted fascist, discriminating stuff, which you didnt delete, so dont have a problem with. if i would say the same thing about jews for instance, would that be ok? nuke israel and pay jews with koosher meat? is that ok too?

    be consequent.

  20. psshhh
    November 17th, 2007 | 14:41

    post 14, The Chinese are not good people.

    so if i say jews are not good people, would that be ok here too?

  21. bigots
    November 17th, 2007 | 14:46

    releaselog supports discrimination, racism, bigotry and hate against certain nations, races and religions, judging by the things they allow and the things they delete.

  22. Rlslg, get your act together
    November 17th, 2007 | 14:48

    americans arent good people, nuke the usa, pay americans with mcdonalds junkfood. that should be allowed too.

  23. heynotreally
    November 17th, 2007 | 15:35

    It’s not because you’ve formatted it, that the ‘malware’ is deleted. So Maxtor is teh su_k :P

  24. Dr Falken
    November 17th, 2007 | 15:59

    if you weren’t so quick to reach for the moral highground, you’d realise my post was a thinly veiled criticism of the exploitation of immigrant workers.

  25. Not Stupid
    November 17th, 2007 | 16:29

    @8 bewb, rhymes with newb. Re-formatting DOES get rid of the data. You just have to do it several times consecutively after the first wipe. DoD (US) standard I believe is 35 wipes. I cannot remember how many passes though.

    Recommended tool for everyone: Darik’s Boot and Nuke or you all can download Eraser from http://www.heidi.ie and it will come with it. Boot and nuke comes in ISO or Floppy format.

    Have fun and don’t be stupid.

  26. superdino
    November 17th, 2007 | 16:32

    Hi,

    well, formatting alone still would not be enough to allow a malware to be run.

    there is a a sector that would not be formatted using the standard tools.

    I had also such a Maxtor disk.. was a 250GB unit, refurbished.

    It didn’t boot correctly on my Gigabyte board, so I researched a bit and found out about it. I downloaded a tool then to delete that sector. From then on everything worked fine.

    Basically you can load everything into that sector.. if you are good.

  27. superdino
    November 17th, 2007 | 17:10

    the tool I used was “s0kill.exe” … google for it if interested

  28. PsYcHo
    November 17th, 2007 | 17:43

    HaHaHa… All i can say is “Wright Zero’s To The Drive”

  29. November 17th, 2007 | 17:44

    I would prefer maybe this article to be written by a hard drive expert – it gives no real information how the virus gets on the HDD in the first place. To assume a working virus is installed on the HDD – well I would assume it would be installed with the bundled CD software. To have a virus installed ON the hdd it would first have to be partitioned, formatted, and a filesystem put on there and then, most likely to be read by a windows system (assuming it’s a windows filesystem) and then assuming someone would run a lone file from the new HDD. now, if it’s an MBR virus; correct me if i’m wrong but since you cannot put a whole OS onto an MBR, and just information about the partition tables and such I doubt it has intelligence to scan your hdd and send data over your ethernet card while your computer is off. Anyone else ? The evidence doesnt make sense to me. And if it doesnt make sense it’s probly not true.

  30. miles
    November 17th, 2007 | 18:07

    the chinese people should be ashamed of their government, if i was chinese, i would not stand for this

  31. c5 vette
    November 17th, 2007 | 18:12

    Those Chinese bastards! And this is what happens when USA wants cheap labor. We let our enemy build our computers, toys, TV, etc, etc. And our enemy is slowly killing us with lead paint, tainted pet food, poisun seafood food, and viruses to monitor our every moves – man, this is scary. China wanna take over the USA.

  32. Bendee
    November 17th, 2007 | 18:43

    SEAGATE bought MAXTOR
    SEAGATE bought MAXTOR
    SEAGATE bought MAXTOR
    SEAGATE bought MAXTOR

  33. robespierre
    November 17th, 2007 | 19:09

    first-maxtor is responsible for the final quality of the product
    if they subcontract they still have to verify and approoved the product

    second-this sound like the mattel way of doing business-blame the subcontract
    people will only remember this,and then send an apology saying your specs
    were wrong to start with

    third -Yang Kuo-wen,one of the journalist from yhe taipe news that got the
    article out–is on every blog known and is seeing a world wide conspiray
    from china–sounds like a personal grudge to me

    fourth–it has becomes a plan b-rules to blame the chinese for anything that
    goes wrongs in business..then deal with the real problem after.

  34. Comment
    November 17th, 2007 | 19:10

    Don’t think Microsoft doesn’t build in back doors and unlike Chinese made hard drives, you actually use Windows, with this code approved by the NSA.

    China spies, just like every country.

    The Chinese are 99% poor, so it’s NOT really a Chinese people’s issue, but rather like your own government, a political issue over power. And everyone knows in China, the people have NO rights, no say, no voice, except for what the Communist Party ideology proclaim.

    If you think about it, when Mao died, had the U.S. not open China, when Nixon began investing in China, the Chinese people would have overthrown their leaders, because of failures one after another.

    Now, the Communist Party uses the economic development, to hold on, as there is nothing else the evil party can offer it’s people.

    Getting back to hard drives, these hard drives came from Thailand, which happens to be more and more under Communist Party control.

    The other websites reporting back your information was not only Beijing, but also South Korea and yes, even Dallas in the United States…

    I bet lots of readers didn’t know this, right?

  35. agamemnon
    November 17th, 2007 | 19:23

    got 2 chinese trojans up my arse & reformatting right now. i always believe they were greeks so you understand my surprise!

  36. Windows Available
    November 17th, 2007 | 19:29

    UK’s Serious Organized Crime Agency Demonstrates “Frightening Windows XP Hack” to Microsoft

    http://www.news.com/Microsoft-exec-calls-XP-hack-frightening/2100-7349_3-6218238.html?tag=cd.lede

  37. me
    November 17th, 2007 | 19:41

    You guys really think the Chinese care about your measly lives? Tawain wants their independance China doesnt. China has missles aimed at them if they were to talk about seperation again they would rather wipe them out of the Pacific.

    You guys must really think your important to think they care about what movies your watching. LOL

  38. Paul Ferguson
    November 17th, 2007 | 19:42

    Even if you overwrite all “free space” 7 times you can still leave megabytes of data on a drive.

    Disk drives contain a number of areas where data can hide from overwriting, including Host protected areas, Drive configuration overlays, and Re-mapped bad blocks.

  39. Sun Wu
    November 17th, 2007 | 19:48

    Most businesses are purchasing larger hard drives, so by passing on this data back to Beijing, or your competition, your getting access to new innovation, secrets and policies, not just movies, or mp3 files as some seem to only think.

    Getting access to networks is big business. It’s foolish to assume, that a large hard drive wouldn’t be used by the government or corporate employee.

    As for China, you had better read Sunzi, the art of war.

  40. robespierre
    November 17th, 2007 | 19:51

    @37 me

    hey you–taiwan hosted the fleeing corrupted chinese gouvernement overthrow
    by the revolution,,would be like cuba,welcoming the confederate army after
    they loss,,,a situation created by the u.s policies at that time,so a problem
    created by them.

    plus the local original people and the japanese immigrants from when it was formosa

  41. Karen
    November 17th, 2007 | 19:55

    Reuters reported that it was a Seagate disk discovered in Taiwan, but the truth is, the Maxtor Basics 3200 (aka PS 3200) is available all over the world, and the infected lot made its way to many regions including China, Russia and the Middle East. Our source confirmed that the problem was discovered internally almost two months ago, and only boiled over last week when the Taiwanese government got mad at China.

  42. America the ugly
    November 17th, 2007 | 19:59

    all this talk bout chinese makin me hungry. mmmmmm kun pao chickennn….aaaaaaahhhhgggggggg!

  43. Rekrul
    November 17th, 2007 | 20:23

    About the myth that data can still be read off a hard drive unless it’s been overwritten 20+ times;

    Yes, scientists working in high-tech labs using ridiculously expensive equipment have had some success at detecting magnetic patterns of data that has been overwritten, but such things are well outside the means of the average hacker. It is also impossible for a standard hard drive to retreive data that has been overwritten even ONCE.

    If you don’t believe me, contact any professional data recovery service and tell them that you accidentally zero-filled the entire drive. Make sure that you tell them that the data was only overwritten ONCE. Ask them how much it will cost to recover the data from such a drive. They’ll tell you that it can’t be done. Why would they turn down the opportunity to charge people obscene amounts of money for recovering the data, unless it can’t be done outside of the CIA?

    And if normal hard drives were capable of reading data that had been overwritten even once, don’t you think that hard drive companies would be using this ability to make drives that could store twice as much?

    It’s true that there might be some data on the drive that a format will miss, however that same data would likely be missed by one of those “secure erase” programs. Once data has been overwritten a single time, for all intents and purposes, it’s GONE.

  44. nus
    November 17th, 2007 | 20:44

    the usa is tracking every move of their citizens, taking away their rights, putting them in jail for downloading pron etc and you guys worry about some malware on a chinese harddisk? LOOOL!, fools. look at your own fascist government first, then point fingers after you have solved your problem.

  45. LeetHax0r
    November 17th, 2007 | 21:23

    With today’s hard drives it’s so easy leave some data hidden (about 1-10Gb) and accessible only by the firmware, then a trojan could store sensitive data to “later appreciation”.

    And no format or wipe will erase such data…

  46. andy
    November 17th, 2007 | 22:05

    If it’s alright for the yanks to do I don’t see a problem with China doing it.

    China for the world superpower, you never know – they may be eying out the terrorist nation of Kazakhstan *lol*

  47. Cidman
    November 17th, 2007 | 22:19

    sounds like a conspiracy theory to me…
    the fact that it wasn’t reported anywhere else also rings alarm bells
    finally, there are actually no sources quoted or referenced other than the ministry of justice… not a tech company or a information gathering agency like the CIA or FBI, but more like your local police enforcement ring

    it sounds like either over-zealous local enforcers, conspiracy theorists, or a mix of the two…

    of course, its possible that it’s true… but then, its also possible that the US gov’t is using satellites to read people’s minds and the only way to stop them is to wear tinfoil hats…

  48. smart101
    November 18th, 2007 | 06:19

    Fomating is unless,once the computer recognizes the drive, the virus has already installed.
    Your computer must recognize your drive before you can format it, don’t you ?

  49. smart101
    November 18th, 2007 | 06:22

    Fomating is useless

  50. Phishybongwaters
    November 19th, 2007 | 15:05

    “DoD (US) standard I believe is 35 wipes. I cannot remember how many passes though.”

    Not quite. IT’s not a simple format, formatting removes the file table entries. The DoD level wipe (which is the same as thed canadian version) is atleast 10 passes, but it’s not simply formatting, it’s zeroing out the drive.

    It formats. Fills the entire drive with 1′s, formats, does it again. For each pass the drive is formatted and filled.

    After 5 passes only someone with real skillz and equipment / software can recover your data, after 10 passes it’s gone as every spot on the drive has been wiped / filled 10 times.

    The one we occasionally use here is called “DSX” and is used by the RCMP. Extremely slow of the highest (DoD) standard but if you are paranoid completely safe.

    Are drives shipping already formatted and partitioned now? The last 4 external drives I purchased (320g, 2x500g, 200g) were all blank drives that needed to be partitioned right off the bat.