Microsoft bares study results on viruses, malware in newly-bought computers
MANILA, Philippines—From the moment a person buys a computer, it could already be infected with a wide variety of viruses and malicious software (malware) that are capable of spying, stealing usernames and passwords, and even recording financial transactions.
Microsoft announced Monday the results of their computer security study conducted in Southeast Asia that found 5,601 different kinds of malware in laptops that have been pre-installed with pirated Windows operating systems (OS) and pirated DVDs of Windows installers.
The study, which sampled 216 branded laptops and 66 DVD installers, was conducted last December 2012 in Indonesia, Malaysia, Philippines, Thailand and Vietnam.
More than half of the sampled computers or 68 per cent was found to contain malware while almost three fourths or 74 per cent of the DVD installers also contained malicious software, according to Keshav Dhakad, Regional Director for Intellectual Property of Microsoft Asia Pacific and Japan.
“Many people assume that buying a name-brand PC is all that’s required to guarantee a good and safe computing experience. They don’t think about the software sold with the computer, and whether or not it’s pirated,” Dhakad said in a statement during the press conference.
“If a consumer can’t verify that the computer they purchased was shipped with a pre-installed, genuine copy of Windows, their risk of exposure to viruses and spyware … increases exponentially,” he said.
Out of the 5,601 types of malware they found in the sampled computers, 3,703 were considered hostile while 1,898 were capable of “tweaking” the operating system so that it would remove essential security mechanisms such as the firewall and the automatic security updates.
Dhakad said that the malwares, which can be disguised as ordinary computer items like a picture or a legitimate program, are enough to “cause damage, steal information, and all other kinds of hostile activities,”
It “clearly reflects the fact that malware is intentional activity [that] takes advantage of pirated software,” he said.
Of the different kinds of malicious software they found, the most prevalent were trojans, which accounted for 3800 of all the malware found. A trojan is a type of program that appears legitimate but performs malicious and illicit activity.
Other malware found were worms (726), viruses (627), crack programs (127), hacker tools (109), rogue programs (95), password stealers (18) among others.
“Many consumers are completely unaware of the threats they face,” Dhakad said.
The most well-known of the malwares was a trojan program known as “Zeus,” which has several variations that can obtain usernames and passwords of online transactions and even
discreetely access the webcam to take photos.
Dhakad presented to the reporters a detailed and technical process of how a potential hacker can use “Zeus” to access a person’s webcam and record what it sees and how a person’s username could be obtained after logging in onto a financial website.
The pirated software was the root cause of all the different kinds of malware found on the computer. Dhakad cited a study by the Business Software Alliance, which found that the Philippines was among four countries in Southeast Asia in terms of piracy rate.
Vietnam had an 88 per cent piracy rate, Indonesia had 86 per cent, Thailand 72 per cent and Philippine 70 per cent, according to the cited study.
A separate study found that, 63 per cent of computers users in Asia Pacific admit they have acquired pirated software.
Dhakad maintained that even though genuine software are not completely immune to malicious software, it was the most basic and first step in ensuring a protected computing experience.
Users still have to be careful in opening unsolicited emails from unknown senders, downloading from suspicious websites, obtaining programs from peer to peers networks, etc., Dhakad said.
He also urged people to be wary of buying from unauthorized resellers because these are the pirated software are likely to have been installed inside the computers.