Issue 118 - September 2011 - Page 16
Warning - ALDI External 4-in-1 Hard Drive Contains Built In Malware
Circulating warnings claim that a 4-in-1 Hard Drive device sold at Australian ALDI stores contains malware.
The claims in the warnings are true. AusCERT and other reliable sources have confirmed that an old version of the Conficker malware is installed on the ALDI External 4-in-1 Hard Drive devices. ALDI has reportedly now withdrawn the devices.
Detailed analysis and references below example.
Last updated: 2nd August 2011
First published: 2nd August 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer
Subject: Aldi Computer device warning
ALDI External 4-in-1 Hard Drive, DVD, USB and Card Reader Device $99
Reads and writes both CD and DVD Pre-installed 320GB hard drive
Built-in USB hub and card reader Perfect for notebooks Plug and play
This device contains malware. One of ALDIís special buys from Thursday 28 July.
Device can steal data from computer systems and enable remote access to the attached computer system.
Ensure your computerís anti-virus software is up to date.
Warnings that are currently circulating via email and social media claim that a Hard Drive device sold by Aldi stores in Australia contains malware. One such circulating warning takes the form of a Queensland Police Intelligence Bulletin originally intended for internal police use only. According to the warnings, the "ALDI External 4-in-1 Hard Drive, DVD, USB and Card Reader Device" comes with malware already installed that can steal information from attached computers and allow third parties remote access.
The claims in the warnings are true. On July 28, 2011, The Australian Government Stay Smart Online Alert service published an alert about the issue which notes
Aldi stores are currently selling an External 4-in-1 Hard Drive, DVD, USB and Card Reader which may contain malware. If infected, your personal and/or business information may be accessed for fraudulent or illegal purposes (eg, identity theft).
The Australian Computer Emergency Response Team (AusCERT) has also published an alert
about the devices. According to AusCERT, the devices contain an old variant of the notorious Conficker malware
which was first launched back in 2008. Given its age, most up-to-date antivirus scanners should be able to detect and deal with this threat.
If you have bought and used one of these devices, you may wish to format the hard drive on the device and conduct a full virus scan of your system. Alternatively, return the device to ALDI. ALDI has now issued a voluntary public recall of the devices, although, at the time of writing, the devices were still being promoted
via the company's website.
The malware was probably installed unintentionally on the hard drives via infected computers in the factory
where the devices were produced.
Aldi External 4-in-1 Hard Drive, DVD, USB and Card Reader Device may contain malware - SSO-AL2011-019
ALDI 4-in-1 device spreads conficker
ALDI - External 4-in-1 Hard Drive, DVD, USB and Card Reader Device
Aussie ALDI withdraws infected greybox offering
Pages in this month's issue:
- Protest Message - First Responders Not Invited to 9/11 Tenth Anniversary Ceremony
- Amazon Account Review Phishing Scam
- 'May God Bless This Kind Person' Spyware Hacker Warning Hoax
- Diego Mendez Prayer Request
- 'Numerous Spams Activities from a Foreign IP' Webmail Phishing Scam
- Hoax - Professional Hacker 'Faceb Hu' Taking Control Of Computers Via Friend Requests
- ACH Payment Canceled Malware Email
- Fake Child Abduction Alert - Three Year Old Missing from Wollongong
- Request to Change Facebook Status to Support Injured Biker George
- Bogus Health Warning - Scratch Card 'Silver Nitro Oxide' Coating Causes Skin Cancer
- Bogus 'Free Items for Participating' Facebook Events
- Overblown and Outdated Warning - Facebook Instant Personalization
- Drano Bottle Bomb Warning Message
- Hotel "Wrong Transaction" Malware Emails
- Invitation FB Olympic Torch Virus Hoax
- Warning - ALDI External 4-in-1 Hard Drive Contains Built In Malware
- DEW Bottled Water Fatal Poisoning Hoax
- Unfounded Rumour - Facebook Friend Request Warning - People Trying to Access Photos of Children
- Massive Mound of Writhing Rattle Snakes
- eBay 'Trusted Selling with Identity Confirmation' Phishing Scam