Microsoft unveiled last week the details of a forensic study on malware threats that examined name-brand PCs with pirated software installed as well as counterfeit software DVDs sourced from Malaysia along with samples Indonesia, Philippines, Thailand and Vietnam. The study found that 1 in 2 PCs running counterfeit software in Malaysia was infected with malware – including highly dangerous “Zeus” Trojan – across well-known PC brands.
[Roslan Mahayuddin of MDTCC, Dr. Dzahar Mansor of Microsoft Malaysia, Dr. Amirudin Abdul Wahab of CyberSecurity Malaysia]
The study extends research originally conducted in December 2012, examining a total of 282 computers and DVDs – more than double the original sample – and found an average malware infection rate of 69%, an increase of six points over the preliminary study.
“We’ve discovered 1,131 unique strains of malware in this study’s extended sample size – where 240 bypass checks for the genuine status of software while another 891 can be considered ‘hostile’. In Malaysia alone, we’ve found that over 1 in 2 PCs are infected with malware because of counterfeit software,” said Dr. Dzahar Mansor, National Technology Officer, Microsoft Malaysia.
“As the use of Internet-connected devices in both the workplace and at home explodes across Southeast Asia, so too does the volume of sensitive data that people are willing to store on them. It’s never been more important that consumers understand and avoid the risks associated with pirated software,” said Dzahar.
“Malware loaded onto counterfeit software infects and steals information from a victim’s computer. Cybercriminals are then able to use that information to illegally enter and abuse the victim’s online services, including online bank accounts, email systems, and social networking sites. This can have detrimental effects on users’ financial security and personal safety, as well as pose a risk of corporate espionage and surveillance,” he added.
One of the strains of malware and virus infection in the study sample included the highly dangerous “Zeus” Trojan, a password-stealing trojan known to use “keylogging” and other mechanisms to monitor people’s online activity. Keyloggers record a user’s every keystroke in order to steal personal information, including account usernames and passwords. Criminals use this information to steal victims’ identities, withdraw money from their bank accounts, make online purchases using victim’s personal information and access other private accounts. According to the RSA 2012 Cybercrime Trends Report, the Zeus trojan alone is estimated to have caused more than US$1 billion in global losses in the last five years.
Commenting on this, Dzahar said, “As the financial services industry moves towards online and mobile banking, transaction security becomes an increasing concern. This has led many banks to implement additional security layers in online and mobile banking services. Yet, all of this effort becomes futile if the customer is negligent by opening a backdoor through their own security defenses – such as the threat posed by dangerous malware from using non-genuine software.”
Findings from Microsoft’s Security Forensics team further revealed pirated copies of Windows embedded with malware spread across numerous well-known PC brands, including: Acer, Asus, Dell, HP, Lenovo and Samsung. Microsoft believes that neither the counterfeit images nor the malware originated from—or were installed by—the individual PC manufacturers. Rather, the computers were likely shipped with non-Windows operating systems, which were later replaced by individuals in the downstream supply chain or retail channel who deal in the illegal duplication and distribution of pirated software. The study found that hard-drive swapping – a practice by unscrupulous retail vendors – was apparent in close to 1-in-3 PCs sampled.
“Many people assume that buying a name-brand PC is all that’s required to guarantee a good and safe computing experience. They don’t think twice about the software sold with the computer, and whether or not it’s pirated,” added Dzahar. “But consumers need to beware: while they might think there are great deals to be had by looking the other way, the hidden cost of pirated software is significant, and contrary to popular belief, can’t be remedied by simply running anti-virus software. If a consumer can’t verify that the computer they purchased was installed with a genuine copy of Windows, their risk of exposure to viruses and spyware—and the potential for data corruption, theft and financial loss—increases exponentially.”
Besides revealing astonishing figures on the prevalence of malware inherent within counterfeit software in Malaysia, the study underscored the need for consumers to be vigilant and proactive when making their computer purchase decisions, to ensure they do their best to curb malware persistence through genuine software purchases.
“We would like to urge consumers to regard security as their first priority and they must know how to protect themselves from malware and other computer viruses by insisting on genuine software when purchasing computers. Using a computer with counterfeit software is just like opening doors to cybercriminals. People who use counterfeit software have no guarantee that their personal and sensitive data, activities as well as communications online using the device will be safe from cybercriminals that intend to do harm.” said Dr. Amirudin Abdul Wahab, Chief Executive Officer, CyberSecurity Malaysia.
He added, “The findings of the study definitely reveal the danger of counterfeit software and it is real in Malaysia. We are certainly glad for industry leaders like Microsoft for bringing this awareness to Malaysian consumers. On the other hand, CyberSecurity Malaysia has developed a CyberSAFE program, whereby people can obtain various tips on cyber safety and internet security at www.cybersafe.my.”
The CyberSecurity CEO said that the organization is exploring collaboration with Malaysia Internet Service Providers to extend the awareness program.
Adding that consumers are not the only party responsible for limiting the uncontrolled spread of malware, Roslan Mahayuddin, Director of Enforcement, Ministry of Domestic Trade, Cooperatives and Consumerism (MDTCC) said that PC manufacturers have a part to play to ensure malware persistence in the country is reduced.
“PC Manufacturers need to do their part in curbing the pervasive nature of malware. The study shows that household name-brand devices are not exempt from counterfeit software. By selling PCs without any software, PC manufacturers are practically creating a culture where PC dealers load pirated software or where consumers are left to their own devices and are practically encouraged to purchase pirated DVD software,” said Roslan. “To assist the efforts of PC manufacturers, MDTCC plans to meet PC makers to see how this challenge can be reversed. MDTCC will also intensify enforcement raids on errant retailers and dealers who are duping consumers by selling PCs with pirated software,” he added.
Roslan said that the penalty for those who are found owning such countents can be fined between 2,000 to 20,000 per infringing copy.
Microsoft advises consumers to take the following steps to avoid the inadvertent purchase of pirated software:
- When purchasing a new PC, always insist on installing a genuine copy of the operating system.
- Buy from a trusted reseller and avoid deals that seem “too good to be true.”
- Ensure all software purchases come in their original packaging.
- When buying a PC with Windows, look for the genuine label and Certificate of Authenticity that Microsoft requires be affixed to all PCs on which Windows is pre-installed. As a further check after purchase, log on to www.howtotell.com to confirm the label is authentic.
Customers who suspect they’ve received pirated or counterfeit software are encouraged to report it at www.microsoft.com/piracy. Customers who report suspected violations can provide valuable insights and have a positive impact in the fight against piracy. Microsoft takes every lead seriously in its effort to ensure a safe digital community for all. Since 2007, the company has received more than 10,000 piracy reports from within Southeast Asia—many from people who bought a name-brand PC, paying more money to get “the real thing,” but ending up with far greater risk and liability at the hands of counterfeiters.[Download PDF]- Presentation by Dr. Dzahar of Microsoft Malaysia – Computer Security Study Phase II