63% of counterfeits infected with malware, claims Microsoft
By Digital News Asia December 20, 2012
- Preliminary test sample found nearly 2,000 instances of malware, 403 of them unique
- In 77% of computers examined, Windows Update had been disabled or re-routed to third-party services
MICROSOFT Corp has unveiled the results of a South-East Asia internal computer security study which found that 63% of counterfeit software DVDs and laptop computers with illegal copies of Windows and other software had high-risk malware infections and viruses.
A staggering 85% of the sampled DVDs and 49% of sampled computers were found to contain malware, the company said in a statement.
The analysis was conducted by Microsoft’s Security Forensics team, albeit on only 118 samples purchased from resellers in Indonesia, Malaysia, the Philippines, Thailand, and Vietnam.
In total, this preliminary test sample found nearly 2,000 instances of malware – 403 of them unique – including highly dangerous backdoors, hijackers, droppers, bots, crackers, password stealers, and trojans.
The research further revealed that in 77% of the computers examined, Windows Update had been disabled or re-routed to third-party services. With Windows Update disabled, computer systems bypass genuine software checks and are also denied access to critical security updates, leaving them defenseless against malicious cyber-attacks, virus infections, and hacking.
More interesting is a new trend that was discovered during the course of the study – 44% of the sampled, seemingly new laptop computers had had their original hard drives swapped for malware-infected, recycled drives installed with pirated software.
Cybercriminals use malware for a range of invasive activities generating illegal profit – from stealing consumers’ banking and credit card information, to spamming their e-mail and social media contacts with fraudulent requests for charitable donations or bogus offers (e.g., for counterfeit prescription drugs).
Increasingly, these activities are conducted by or at the direction of organized, for-profit criminal enterprises.
For businesses, the risks associated with using malware-infected, pirated software include low IT productivity, critical system failures and disruptions of service, and theft of confidential company data leading to severe financial loss and reputational harm.
“This study clearly shows that using counterfeit software is a dangerous proposition,” said Dr Dzahar Mansor, national technology officer at Microsoft Malaysia.
“Pirated software is a breeding ground for cybercrime, and the cost of using it is potentially much higher than the price of buying genuine in the first place,” he added.
According to the 2012 Norton Cybercrime Report, the global consumer cost of cybercrime is US$100 billion annually, with an average per-victim impact of US$197.
“Using a PC with counterfeit software is like moving into a high-crime neighborhood and leaving your doors open – it’s incredibly risky,” said Zahri Hj. Yunos, acting chief executive officer of CyberSecurity Malaysia (CSM), an agency under Malaysia’s Ministry of Science, Technology and Innovation.
“People with counterfeit software have no guarantee that their sensitive data, activities and communications will be safe from cybercriminals that intend to do harm. As the results of this study show, the danger of counterfeit is real and consumers should insist on genuine software when purchasing a new PC,” he added.
Microsoft advises consumers to take the following steps to avoid the inadvertent purchase of counterfeit software:
- Always ask for genuine software.
- Buy from a trusted reseller and avoid deals that seem “too good to be true”.
- Ensure all software purchases come in their original packaging.
- When buying a PC with Windows, look for the genuine label and Certificate of Authenticity that Microsoft requires be affixed to all PCs on which Windows is pre-installed. As a further check after purchase, log on to http://www.howtotell.com/ to confirm the label is authentic.
Customers who suspect they’ve received pirated or counterfeit software are encouraged to report it at www.microsoft.com/piracy. Since 2007, the company has received more than 10,000 piracy reports from within South-East Asia – many from people who bought a name-brand PC, paying more money to get “the real thing,” but ending up with far greater risk and liability at the hands of counterfeiters.
Microsoft said it is currently expanding its research in South-East Asia to include an even larger sample of PCs and DVDs containing pirated software, and expects to publish the full study results and analysis during the first quarter of 2013.