The Hypocrisy Weblog

According to the Swedish IDG news-service, Swedish home electronic chain “TeknikMagasinet” is selling USB memory sticks (ZAP Slider USB 8G) that are/were infected with a trojan.

An angry reader of IDG’s daily IT-newspaper “Computer Sweden” contacted them and shared his story. The reader had bought 3 usb memory sticks and all of them were in unbroken casings. All 3 usb memory sticks had 60 Megabyte used and when plugged into a Microsoft Windows Vista computer, the anti virus application reacted and warned against a trojan being present on the memory stick. Also Microsoft Windows XP were used as a test-subject and the anti virus application reacted on this platform as well.

The reader claimed to have contacted TeknikMagasinet, asking for an explanation, however there was no alleged return-contact by anyone over at the home electronics chain.

Christian Ekstrand at TeknikMagasinet says that only a small number in a particular batch of usb memory sticks that TeknikMagasinet manufacture themselves in Taiwan were infected and that “only 50 usb memory sticks were infected” (as far as he knows). Mr Ekstrand says that he can however not speak about how many , if any, of the customers of TeknikMagasinet that bought the particular products were affected by the incident. He also says that this is the first incident over the last 4-5 years that TeknikMagasinet has co-operated with the particular plant in Taiwan. Also, he said that the reason to why the Computer Sweden reader didn’t hear from TeknikMagasinet was that they weren’t able to reach him and that they in no way or form is trying to tone down the incident.

Mr Ekstrand continues to say that “the virus is pretty harmless and for example only tries to steal World of Warcraft login information” and that “the customer should not be at risk if they have an anti virus program installed” (translating / paraphrasing).

A personal reflection here is that I don’t know if I agree that calling a keylogger that tries to steal information and installs itself automatically as something minor. Who knows what other information the keylogger can harvest if deployed in a customer’s computer. Would it still be a “minor issue” if the customer ends up losing financial information such as his/her credit card number?

UPDATE: Christian Ekstrand comments in the article’s comment section that the virus came in through a control computer that was used by an employee of the plant to surf privately. Private surfing is prohibited at the plant, Christian says. Check this link for information about the trojan.

A new trend within organized crime is “pump and dump”-techniques for low-rated stock. This behaviour is about to surpass the regular porn and viagra spam-mails we all get in our inboxes.

Pump and dump basically works in this way; A spammer finds a low rated stock and buys up a large volume of stock. Then he sends out spam-mails about this company’s stock, saying that it is the next great thing and when more and more people start to buy this stock, the price per stock increases (naturally) and the spammer can sell off his shares with a good profit.

It is understandable that criminals are using this technique, as it is a low risk and very profitable area of doing business for them. However, this is a plague for us server-administrators and end-users out there, who gets our inboxes clogged up with this crap. I have noticed that the emails that has the subject in the topic of this post; “Hi, it’s *insert name here*” seem to be much harder for Spam Assassin to filter out than even some picture spam that is floating around.

Woe humanity – what a sad day; Spammers are learning that our bayes-filters…