Microsoft: Most PCs running pirated Windows in China have security issues
Microsoft finds widespread piracy in PCs sold in China, warns consumers in new campaign
IDG News Service - Microsoft launched a new anti-piracy campaign in China to highlight the security risks of buying counterfeit software.
In a recent investigation, Microsoft purchased 169 PCs from shops in China and found that all were installed with pirated versions of Windows, with 91% of them containing malware or deliberate security vulnerabilities.
"What we are finding is that increasingly cybercriminals are targeting both businesses and consumers right here in China," said Nick Psyhogeos, vice president of Microsoft's original equipment manufacturer (OEM) business solutions group.
The software company has long battled China's software piracy, which is among the highest in the world. Last year China's illegal software market was valued at close to $9 billion, while the legal market was valued at $2.7 billion, according to a study by the Business Software Alliance.
Microsoft on Thursday said users of the counterfeit Windows software are often saddled with unreliable PCs running malware that can steal users' credit card and bank account information. The anti-piracy campaign is being launched during a busy holiday season in the country.
Over an 18-month period, Microsoft said it conducted its "most extensive forensic survey" of PCs bought in China, by purchasing computers from Chinese shops and "IT malls," which can feature dozens of different small vendors in one building. Of the 169 PCs running pirated versions of Windows, 59% were already infected with malware, and 72% featured altered Internet browsing settings that intentionally sent users to scam and phishing websites.
Some of these PCs contained a malware known as "Nitol," which when activated through a pre-installed music player can remotely log user keystrokes and spy on users through the computer's webcam. More than 70% of the systems also had their Windows update, Windows firewall, and user account control warning functions disabled, making them vulnerable to cyber attack.
"Counterfeiters have pitched this story to consumers that software piracy or pirated products themselves don't cost anything, they're free. They've also pitched the story that it works just fine, it's good enough," said Psyhogeos in a media briefing. "Neither of those statements are accurate."
The PC brands that were found pre-installed with counterfeit Windows software include big names such as Acer, Asus, Dell, HP, Lenovo, along with smaller Chinese vendors. But Microsoft said the piracy is believed to come from further downstream in the supply chain, through resellers who are loading the counterfeit software and malware into the products in order to lower the cost of PCs sold.
OEMs that make the PCs will often install a non-Windows operating system such as FreeDOS on the product, Psyhogeos said. This makes it highly likely that a third-party will later install a pirated version of Windows on the PC during its distribution.
As part of Microsoft's new "Keep it Real" campaign, the company has notified 16 Beijing-based resellers, who were found repeatedly selling PCs pre-installed with counterfeit Windows versions, to stop the piracy. Microsoft will consider legal action as a last resort.
- Deep Security +VMware vSphere with Operations Management Most midsize organizations are highly virtualized on VMware, and while this has produced significant savings, it also has created new challenges when it...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- DDoS Infographic: How Are Attacks Evolving? For the third consecutive year, Neustar surveyed businesses across major industries to track the evolution of DDoS attacks. Are they more frequent? Larger?...
- How to Use Crowd-Sourced Threat Intelligence to Stop Malware in its Tracks Threat sharing networks have been around for a long time, however they have typically been "invitation-only", available to only large companies, or those...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Malware and Vulnerabilities White Papers | Webcasts