Seagate Maxtor storage units come pre-loaded with a password-stealing virus.
An undisclosed number of Seagates Maxtor Basics Personal Storage 3200 units have shipped with a virus that steals passwords to online gamesincluding World of Warcraftthe company is warning
Seagate got the heads up from Kaspersky Labs, which identified the virus as Virus.Win32.AutoRun.ah
. The virus deletes similar viruses and can disable virus detection software as well.
The virus, which was loaded onto the Maxtor units at a sub-contract manufacturers location in China, is sending stolen passwords back to a server thats also located in China.
Seagate admitted that a "small number" of units might have been sold before Kasper-sky discovered the virus. According to the company, units purchased after August 2007 are at risk.
Seagate added that it is in the process of cleaning up units that it has on hand before theyre released for sale.
Seagate said it is continuing to investigate the situation, adding in a statement that it "quickly" stopped shipping units out of the factory as soon as it learned of the infection. However, in what seems to be a contradiction, Seagate also states that the units now leaving the facility have been cleaned.
At the time this article was posted, the company has not yet responded to eWEEKs question regarding why the company is still shipping products from the Chinese subcontractor before its investigation has been completed.
Seagate is providing a free 60-day download of virus protection software to scan and remove viruses on its Maxtor Basics 32000 unit. Its also providing on its site a list of other anti-virus programs
capable of removing the virus.
The virus preys on a list of games that are predominantly Chinese, with the exception of World of Warcraft. They reportedly include WSGame, 91.com, QQ, Woool, rxjh.17game.com, TianLongBaBu, AskTao, Perfect World (Wanmei Shijie) and World of Warcraft.
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.