Stupid user trick No. 1: Preconfiguring PCs with stone-age malware
Incident: Toward the end of 2006, several high-profile consumer electronics companies -- both makers and retailers -- ended up with egg on their faces when reports surfaced that they were shipping to consumers devices infected with malware. Apple's Video iPod and several models of digital photo frames were found to be infecting the computers of unsuspecting users the first time they were plugged in. The risk associated with those infections was significant. In the end, however, the damage was limited.
[ For further adventures in malware, check out "Stupid hacker tricks" and "Stupid hacker tricks, part two: The folly of youth" ]
A year later, though, that wasn't the case. In September 2007, German computer maker Medion announced that as many as 100,000 laptop computers sold through Aldi superstores in Germany and Denmark came preinstalled with Windows Vista, the Bullguard anti-virus program -- and a virus.
The case could have been devastating for the privacy or information security of anyone who bought one of the laptops. Modern malware, highly adept at stealing information such as bank account log-ins or credit card numbers, poses a real risk to consumers and companies alike.
Only, it wasn't, because the virus, Stoned.Angelina, dates back to 1994, a full year prior to the launch of Windows 95, let alone the advent of widespread Internet access or online commerce.
Thankfully, Stoned.Angelina isn't a particularly dangerous virus, at least not to anything more recent than DOS. It's a boot-sector virus that replicates itself by copying itself to floppy disks. Remember those? The Medion laptops didn't even have floppy drives.
Medion never said exactly how this historic malware relic ended up in the default image on so many laptops. In the case of the iPod and photo-frame infections, the malware came from an infected machine in the factory in China that assembled the final products and installed the software onto the devices' internal storage.
When you consider just how difficult it must be to load Stoned.Angelina onto a modern computer, you get a sense at how boneheaded the IT guy would need to be in order to infect a drive image used in tens of thousands of hard drives.
Fallout: With no way to spread and no effect whatsoever on Windows Vista, Stoned.Angelina took its toll mainly on Medion, making the company a laughingstock. The punch line: Even though the machine came preloaded with an anti-virus app, the anti-virus engine couldn't clean the system. Bullguard later released a repair program that cleaned out the boot sector, just in case you, someday, somehow, found a floppy drive that worked with the laptop and inserted a disk.
Moral: One, don't let the guy running an old copy of DOS on his computer build your drive images. And two, if you're going to deliberately infect thousands of computers, pick malware that's actually going to do something.
[ Stupid user trick No. 2: Oh, you wanted to recover those backups? ]