Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

What is the possibility of Windows installation CD being backdoored?


  • Please log in to reply
7 replies to this topic

#1 Random Bob

Random Bob

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:05:44 PM

Posted 13 January 2013 - 02:58 AM

I recently bought a copy of Window 7 Home Basic. But all my friends and everybody I know that owns a computer have a pirated version of windows running on their computers (Third world problems).

I recently read somewhere that pirated Windows CD are backdoored and viruses are installed with windows installation. Is it true? Is it possible for an attacker to do something like that?

I think the possibility of this is less but it maybe possible.

Also please point me to any security articles regarding this.

Thanks!

BC AdBot (Login to Remove)

 


#2 md2lgyk

md2lgyk

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Virginia USA
  • Local time:05:44 PM

Posted 13 January 2013 - 08:11 AM

Of course it's true. Probably the majority of pirated or hacked software contains some form(s) of malware. Oh, and it's illegal.

#3 Union_Thug

Union_Thug

    Bleeps with the fishes...


  • Members
  • 2,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:is everything
  • Local time:05:44 PM

Posted 13 January 2013 - 08:31 AM

Of course it's true. Probably the majority of pirated or hacked software contains some form(s) of malware. Oh, and it's illegal. (emph mine)


+1 If you play with fire...

Edited by Union_Thug, 13 January 2013 - 08:32 AM.


#4 buddy215

buddy215

  • Moderator
  • 13,395 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:44 PM

Posted 13 January 2013 - 08:50 AM

Most recent article I've read concerning this: Microsoft battles pirated software as a security risk | PCWorld

QUOTE:
......Over an 18-month period, Microsoft said it conducted its "most extensive forensic survey" of PCs bought in China, by purchasing computers from Chinese shops and "IT malls," which can feature dozens of different small vendors in one building. Of the 169 PCs running pirated versions of Windows, 59 percent were already infected with malware, and 72 percent featured altered Internet browsing settings that intentionally sent users to scam and phishing websites..............

..........Some of these PCs contained a malware known as "Nitol," which when activated through a preinstalled music player can remotely log user keystrokes and spy on users through the computer's webcam. More than 70 percent of the systems also had their Windows update, Windows firewall, and user account control warning functions disabled, making them vulnerable to cyber attack. "Counterfeiters have pitched this story to consumers that software piracy or pirated products themselves don't cost anything, they're free. They've also pitched the story that it works just fine, it's good enough," said Psyhogeos in a media briefing. "Neither of those statements are accurate."

The PC brands that were found preinstalled with counterfeit Windows software include big names such as Acer, Asus, Dell, HP, Lenovo, along with smaller Chinese vendors..........


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 Union_Thug

Union_Thug

    Bleeps with the fishes...


  • Members
  • 2,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:is everything
  • Local time:05:44 PM

Posted 13 January 2013 - 08:54 AM

Most recent article I've read concerning this: Microsoft battles pirated software as a security risk | PCWorld

QUOTE:
......Over an 18-month period, Microsoft said it conducted its "most extensive forensic survey" of PCs bought in China, by purchasing computers from Chinese shops and "IT malls," which can feature dozens of different small vendors in one building. Of the 169 PCs running pirated versions of Windows, 59 percent were already infected with malware, and 72 percent featured altered Internet browsing settings that intentionally sent users to scam and phishing websites..............

..........Some of these PCs contained a malware known as "Nitol," which when activated through a preinstalled music player can remotely log user keystrokes and spy on users through the computer's webcam. More than 70 percent of the systems also had their Windows update, Windows firewall, and user account control warning functions disabled, making them vulnerable to cyber attack. "Counterfeiters have pitched this story to consumers that software piracy or pirated products themselves don't cost anything, they're free. They've also pitched the story that it works just fine, it's good enough," said Psyhogeos in a media briefing. "Neither of those statements are accurate."

The PC brands that were found preinstalled with counterfeit Windows software include big names such as Acer, Asus, Dell, HP, Lenovo, along with smaller Chinese vendors..........



Great post, bookmarked. :thumbup2:

#6 Random Bob

Random Bob
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:05:44 PM

Posted 14 January 2013 - 01:37 AM

Most recent article I've read concerning this: Microsoft battles pirated software as a security risk | PCWorld

QUOTE:
......Over an 18-month period, Microsoft said it conducted its "most extensive forensic survey" of PCs bought in China, by purchasing computers from Chinese shops and "IT malls," which can feature dozens of different small vendors in one building. Of the 169 PCs running pirated versions of Windows, 59 percent were already infected with malware, and 72 percent featured altered Internet browsing settings that intentionally sent users to scam and phishing websites..............

..........Some of these PCs contained a malware known as "Nitol," which when activated through a preinstalled music player can remotely log user keystrokes and spy on users through the computer's webcam. More than 70 percent of the systems also had their Windows update, Windows firewall, and user account control warning functions disabled, making them vulnerable to cyber attack. "Counterfeiters have pitched this story to consumers that software piracy or pirated products themselves don't cost anything, they're free. They've also pitched the story that it works just fine, it's good enough," said Psyhogeos in a media briefing. "Neither of those statements are accurate."

The PC brands that were found preinstalled with counterfeit Windows software include big names such as Acer, Asus, Dell, HP, Lenovo, along with smaller Chinese vendors..........


This does not prove that windows installation CDs can be backdoored. The backdoors could have been installed after installation of windows. I need to know if the windows installation itself can be backdoored or not.

#7 md2lgyk

md2lgyk

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Virginia USA
  • Local time:05:44 PM

Posted 14 January 2013 - 07:38 AM

As I've already said, of course it can.

#8 Union_Thug

Union_Thug

    Bleeps with the fishes...


  • Members
  • 2,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:is everything
  • Local time:05:44 PM

Posted 14 January 2013 - 07:56 AM

As I've already said, of course it can.


LOL....


The backdoors could have been installed after installation of windows.


Ummm... cuz the code/app/WHATEVER to the exploit/virus/backdoor/WHATEVER is contained on the installation media perhaps?

Edited by Union_Thug, 14 January 2013 - 10:21 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users