Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Warning - ALDI External 4-in-1 Hard Drive Contains Built In Malware

Outline
Circulating warnings claim that a 4-in-1 Hard Drive device sold at Australian ALDI stores contains malware.



Brief Analysis
The claims in the warnings are true. AusCERT and other reliable sources have confirmed that an old version of the Conficker malware is installed on the ALDI External 4-in-1 Hard Drive devices. ALDI has reportedly now withdrawn the devices.

Bookmark and Share
Detailed analysis and references below example.



Last updated: 2nd August 2011
First published: 2nd August 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example
Subject: Aldi Computer device warning

PRODUCT WARNING

ALDI External 4-in-1 Hard Drive, DVD, USB and Card Reader Device $99 ALDI External 4-in-1 Hard Drive

Reads and writes both CD and DVD Pre-installed 320GB hard drive
Built-in USB hub and card reader Perfect for notebooks Plug and play

This device contains malware. One of ALDIís special buys from Thursday 28 July.

Device can steal data from computer systems and enable remote access to the attached computer system.

Ensure your computerís anti-virus software is up to date.




Detailed Analysis
Warnings that are currently circulating via email and social media claim that a Hard Drive device sold by Aldi stores in Australia contains malware. One such circulating warning takes the form of a Queensland Police Intelligence Bulletin originally intended for internal police use only. According to the warnings, the "ALDI External 4-in-1 Hard Drive, DVD, USB and Card Reader Device" comes with malware already installed that can steal information from attached computers and allow third parties remote access.

The claims in the warnings are true. On July 28, 2011, The Australian Government Stay Smart Online Alert service published an alert about the issue which notes:
Aldi stores are currently selling an External 4-in-1 Hard Drive, DVD, USB and Card Reader which may contain malware. If infected, your personal and/or business information may be accessed for fraudulent or illegal purposes (eg, identity theft).
The Australian Computer Emergency Response Team (AusCERT) has also published an alert about the devices. According to AusCERT, the devices contain an old variant of the notorious Conficker malware which was first launched back in 2008. Given its age, most up-to-date antivirus scanners should be able to detect and deal with this threat.

If you have bought and used one of these devices, you may wish to format the hard drive on the device and conduct a full virus scan of your system. Alternatively, return the device to ALDI. ALDI has now issued a voluntary public recall of the devices, although, at the time of writing, the devices were still being promoted via the company's website.

The malware was probably installed unintentionally on the hard drives via infected computers in the factory where the devices were produced.

Bookmark and Share References
Aldi External 4-in-1 Hard Drive, DVD, USB and Card Reader Device may contain malware - SSO-AL2011-019
ALDI 4-in-1 device spreads conficker
Conficker
ALDI - External 4-in-1 Hard Drive, DVD, USB and Card Reader Device
Aussie ALDI withdraws infected greybox offering



Last updated: 2nd August 2011
First published: 2nd August 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer