Aldi is offering infected media (again)

 

The Australian media is full of reports that the local arm of German-headquartered supermarket giant Aldi has been selling removable hard drives complete with a pre-installed virus.

Aldi joins an extensive list of companies which have managed similar snafus in the past, including IBM (pre-infected USB keys, given away at a security conference, no less),Olympus (pre-infected cameras),Samsung(pre-infected phones) and Best Buy (pre-infected digital picture frames).

Oh, and Aldi (pre-infected PCs). That’s right – Aldi has done this before.

Last time, back in 2007, the virus it shipped was Angelina – a boot sector virus which relies on floppy disks to spread and was largely considered extinct, but obviously wasn’t. This time, I’m afraid we don’t yet have a name for the virus.

Someone from SophosLabs in North Sydney is making a dash to the local Aldi to see if he can find one that hasn’t been withdrawn from sale yet.

If we find out any more details, I’ll update this article; if not, I’m sure he’ll take the opportunity to pick up a few 24-packs of potato crisps and a couple of metric dozens of ice-cream cornets whilst he’s there, so it won’t be a wasted trip.

Apparently, the affected device is an external 4-in-1 hard drive, DVD, USB and card reader device. It’s still being offered on-line, and at $99, it sounds like quite a useful peripheral to go with a budget netbook which doesn’t have much storage or memory card slots of its own. But if you’ve bought one, I recommend you give it a thorough virus scan.

Or simply zap the hard drive, removing and recreating all the partitions on it. You’ll lose all of the freebie software pre-installed on the hard disk, but that’s actually highly desirable since the one thing you now know is that you can’t trust any of it.

Aldi, one imagines, will now be shopping for a more reliable supplier of peripherals.

(Source: Sophos)

Improve our visibility and share this article with your friends !
  • Digg
  • del.icio.us
  • Facebook
  • Google Bookmarks
  • RSS
  • Slashdot
  • Twitter
About Danny Bisaerts

Danny Bisaerts has grown over the past decades from a development background into the world of Information Security and Physical Security. He has spent a lot of time in the world of finance, government, consulting, manufacturing, telecommunications and utilities ...

Danny is currently the editor of www.itsecurity.be. Email : editor@itsecurity.be
LinkedIn : Public Profile