Vendor FAIL - Certified Pre-Owned (CPO)

How vendors screw up their own products and leave YOU holding the virtual bag

Certified Pre-0wned For reasons unknown, vendors occasionally fail to maintain quality control over the media they ship. Whether it is CD-ROM, DVD, USB or some other form of media, it may contain viruses, trojans or even drug-runner music. When this happens, the software you receive obviously can't be trusted in any fashion, and installing software from already compromised media immediately puts your system's integrity in question.

This page serves to keep a record of such incidents and remind vendors that shipping "pre-0wned" software is deplorable. This list is designed to capture consumer related exposures, specifically malware or other items of interest. This list will not include incidents of vendors shipping vulnerable software as that list would be extensive. In addition, it will not track malware attacks against specific targets, such as the "Farewell Dossier". For an interesting historical perspective of such incidents until 1996, consult McDonald's list. Some of these incidents are integrated into the CPO list depending on the information available.





When Who Shipped What Media With What
2014-03-05 Multiple Vendors Android Phones and Tablets Fake Netflix app malware found on hardware from Samsung, Motorola, Asus, Google/LG (Nexus) and others. The devices are said to have come from a re-distributor and were not factory new.
2012-09-13 Unspecified Supplier(s) in China PC Laptops and Desktops Nitol botnet
2012-06-29 Cisco Cisco and Linksys Routers Forced Update with Cloud Connect service that tracked complete Internet history. Cisco backtracked and made it opt-in
2012-04-10 Hewlett-Packard (HP) HP ProCurve 5400 zl Switch, Compact Flash Card Unspecified Virus
2011-08-03 Cisco Information Packet and Warranty CDs Unspecified Links to Third-Party Malware Repositories
2011-07-29 Aldi / Tevion Fission External 4-in-1 Hard Drive Conficker
2011-04-11 Amazon Community EC2 Amazon Machine Images AMI Author's SSH Key pre-authorized
2010-07-21 Dell PowerEdge R410 Rack Server Unspecified Malware
2010-06-08 Olympus Japan Olympus Stylus Tough camera Unspecified "autorun worm"
2010-06-01 Samsung Samsung S8500 Wave bada phone shipping with infected microSD card (German market only) Win32/Heur, Worm.Win32.AutoRun.bhiq
2010-05-21 IBM USB Drive Distributed at AusCERT Unspecified Malware
2010-03-08 Vodafone HTC Magic (distributed by Vodafone) Mariposa bot
2010-03-08 Energizer Energizer DUO USB Charger Trojan.Arugizer
2009-09-21 Razer Device Drivers WORM.ASPXOR.AB
2009-06-15 Elisa ISP Huawei Nettitikku E160 Router Conficker
2009-05-18 M&A Companion Touch netbook Worm.Win32.AutoRun.aayn, Rootkit.Win32.Agent.hwq and Packed.Win32.Krap.g
2009-01-02 Element 9-Inch Digital Photo Frame Unknown
2008-12-29 Samsung SPF-85H 8-Inch Digital Photo Frame Sality Worm
2008-12-28 Mercury Mercury 1.5" Digital Photo Frame DPFMate.exe and FEnCodeUnicode.dll
2008-10-27 Teq AV Wireless AV System USB Key Multiple (W32.Perlovga family)
2008-10-15 Unspecified Credit Card Terminal Physical bug to steal credit card information
2008-10-09 Cisco VPN Client CD Mexican Narco Corridos MP3s
2008-10-08 ASUS Eee Box's 80GB Hard Drive W32/Taterf worm - aka W32.Gammima.AG (recycled.exe)
2008-08-19 ASUS Laptop Recovery DVD Cracking software, confidential documents, proprietary source code, employee CVs
2008-05-06 Telstra USB Drive Distributed at AusCERT Unspecified Malware
2008-05-06 Mozilla Firefox Vietnamese Language Pack W32/Xorer.O.worm
2008-04-09 Hewlett-Packard Proliant Computers 256K / 1GB USB Drives W32.Fakerecy and W32.SillyFDC
2008-01-23 Insignia (sold via Best Buy) 10.4" NS-DPF10A Digital Photo Frame W32/Mocmex.AM
2008-01-04 Unspecified Victory LT-200 MP3 Player Worm.Win32.Fujack.aa
2007-12-25 ADS (sold via Sam's Club) 8" Digital Photo Frame Win/32Mocmex.AM
2007-12-13 Unknown Nepalese Vendor Kingston CF Memory Card Worm.VBS.Small
2007-11-12 Seagate Seagate Maxtor Basics Personal Storage 3200 Virus.Win32.AutoRun.ah
2007-09-15 Medion Laptops (via Aldi) Laptop Stoned.Angelina Virus
2007-01-29 TomTom TomTom GO 910 Satnav Unit win32.Perlovga.A Trojan and TR/Drop.Small.qp
2006-10-18 Apple 30GB Apple Video iPod RavMonE.exe Virus
2006-10-16 McDonald's Japan MP3 Player QQPass Password-stealing Trojan
2006-06-02 Hewlett-Packard (HP) Printer Driver Funlove Virus
2006-02-15 Unknown "Mr. & Mrs. Smith" German Release DVD Unspecified Rootkit
2005-11-25 I-O Data Device HDP-U Series Hard Drive Tompai-A Worm
2005-11-11 Sony BMG XCP Software Rootkit
2005-09-01 Creative 5GB Zen Neeon MP3 Player Wullik.B Virus
2004-06-23 Capitol Records Beastie Boys CD "To the Five Boroughs" Unspecified Virus
2003-05-15 Wal-Mart Promo CD Custom Spyware
2002-06-21 Microsoft Korean version of Visual Studio .NET Nimda Virus
2001-12-03 Kool Kizz Atelier Marie (Japanese-language version) W32/Kriz Virus
2001-11-30 Sega Dreamcast Atelier Marie (Japanese Language Version) Kriz Virus
2000-12-17 Hewlett-Packard (HP) Printer Drivers Funlove Virus
1999-07-15 Cult of the Dead Cow (cDc Communications) Back Orifice 2000 CD-ROM Win95.CIH Virus
1999-05-10 IBM Aptiva Computer CIH Virus
1998-10-?? Unknown SiN (Demo Version) CIH Virus
1998-09-?? Yamaha CD-R400 Drive Firmware Update CIH Virus
1998-08-12 MGM/EA Wargames CD-ROM Win95/Marburg virus
1998-05-01 ID Software Quake and Quake 2 Server Backdoor Command (rcon)
1997-07-08 Vellum 3D Version 3.0 CD-ROM MBDF A/B virus
1997-??-?? Unspecified Hungarian Computer Magazine CDROM Sopron.937 Virus
1996-09-?? HQ FORSCOM Unspecified Internet Distributed Files WinWord.Concept
1996-05-?? MacUser, UK Edition One Director Movie CD-ROM
1996-05-?? Industrial Computer Source (ICS) Windows 95 Driver Disks for ROCKETPORTXX AntiCos-A
1996-04-13 FIT IZL Developer's Package 3.5" Floppy NYB (New York Blues) Virus
1996-03-?? Alpine Media Microsoft Developer Server Disk B1
1996-02-?? OSD C3I 40th ARMA Conference Disk Ripper
1996-02-?? Microsoft Slovenia Press Release 30. 1. 1996 Disk WordMacro/Concept
1996-01-?? Microsoft The Microsoft Office 95 and Windows 95 Business Guide CD-ROM WinWord.Concept
1996-01-?? Powersoft Multimedia U.S.A. 101 Card Games CD-ROM Taipan.666
1996-01-?? Ziff-Davis UK Ltd. Electronic Christmas Card Disk Parity_Boot.B
1996-??-?? IBM Germany VoiceType Vokabular Diskettes Newboot_1
1995-10-?? PC Magazine Editor's Day Disk SAMPO
1995-09-?? DEC ECUS Disk WinWord/Concept Virus
1995-08-?? Microsoft Windows 95 Software Compatability Test WinWord/Concept Virus
1995-08-?? Ford Motor Co. Public Relations Disk Monkey
1995-07-?? Merriam-Webster Collegiate Dictionary and Thesaurus AntiExe
1995-06-?? America Online Distribution Disks Bupt
1995-05-?? Home Grown Productions Ltd. The Gates of the Underworld CD-ROM Tai-pan & Goldbug
1995-04-01 Unspecified European automobile manufacturer Product Line Information Media Unspecified Virus
1995-03-?? ARTEC/Genius Mouse Drivers Anti-tel
1995-02-?? MITSUMI Model ECM-S31 Mouse Driver Software Form
1995-02-?? Microsoft 1,000 Unspecified Disks Form
1995-02-?? European Commission Office 1,000 Unspecified Disks Gallicia
1994-11-?? Sandia Research Associates Inc. 2.0 GPSLOG Demo Version AntiCmos
1994-06-11 ZiffNet PBS Forum Nine Unspecified Files Chill
1994-10-?? Apple Macintosh System 7.5 Sample Upgrade Kit (HDSC Setup and Disk First Aid Applications) MBDF
1994-06-?? Mediaplex Die DFUe-CDROM Crusader
1994-05-05 American Vacuum Society (AVS) Journal of Vacuum Science & Technology A&B (Second Series Volume 12, 1994) CD-ROM nVir A
1993-12-?? Oliver Marketing Inc. Unspecified Demo Disks Jerusalem / Stoned
1993-10-?? University of Michigan Computer Kickoff Sale Standard Distribution Disks nVIR
1993-07-?? CIX Online Service SPORT21C.ZIP Butterfly
1993-06-?? Telemate TM411-4.ZIP Stoned
1993-04-?? Hoskyns Project Manager Workbench UK Form
1993-01-?? DCA Unspecified Printer Driver Disks NoInt
1993-01-?? FUJITSU Germany Unspecified Printer Disks V-Sign
1992-11-?? Star LC24 Print Driver Disk Vacsina Loader
1992-10-?? CACI, INC-FEDERAL Update Disk #48 FAR-TRIEVE Michelangelo
1992-08-?? International Data Systems Preloaded Model IDS 4331 486 PC Stoned Virus / Michelangelo Virus
1992-08-?? Wilson Hill Associates Standard Army Hazardous Materials Tracking System Disk Form Virus
1992-07-01 American Computer Resources, VA Seiko PS-X Printer Driver Software CDEF
1992-07-?? Phoenix Data Systems Diagnostics Disk for Ethernet Board Michelangelo Virus
1992-05-?? DacEasy Inc. Instant Accounting Package Stoned
1992-05-?? Golden/Diamond International/System Cactus OCR Disk Fish Boot
1992-03-?? Novell Netware Support Encyclopedia (NSE) Standard Edition NoInt
1992-03-?? Lotus Development Corp. CD/Networker LAN Version Michelangelo Virus
1992-03-?? Pionex Preloaded 386 Pro System Michelangelo Virus
1992-03-?? Chicony Corp Keyboard Tracking Ball Software Disk Michelangelo Virus
1992-03-?? Neural Networks & Fuzzy Systems Unspecified Book w/ Disk Michelangelo Virus
1992-03-?? Symbol Technologies Preloaded PC Michelangelo
1992-03-?? IntelCorp LANSpool 3.01 Disk Michelangelo
1992-02-?? Sony Laser Library Distribution Disk Dark Avenger
1992-02-?? WIN Laboratory Preloaded PC Stoned
1992-02-?? Meridian Data Inc. Extension Software Michelangelo
1992-02-?? Da Vinci Systems E-Mail 2.0 Demo Disk Michelangelo
1992-01-28 Leading Edge Products Inc. PC Michelangelo Virus
1992-01-?? PC Fun Magazine Disk Stoned
1992-01-?? Trident VGA Co. Easy Data Model 386 Systems Michelangelo
1991-12-?? Information Management Consultants AUVA 350/25 PC Systems Michelangelo
1991-12-?? Konami Inc. Spacewrecked Game Disk Stoned
1991-12-?? Novell Network Encyclopedia Disk Stoned-3
1991-11-11 Virtual Reality Lab Distant Suns Disk Michelangelo
1991-11-?? Zinc Software C++ Library Disk Form
1991-11-?? NTIS Software Distribution Unspecified Stoned
1991-11-?? Software Perspectives Demo Disk Stoned
1991-10-?? Z-Soft PC Paintbrush Update Disk Michelangelo
1991-10-?? Publishing International PUMPKIN PATCH Screen Saver Jerusalem
1991-09-?? Cypress Semi-Conductor MAXPROG, version 2.72C Stoned
1991-09-01 Sun Microsystems PCNFS 3.5b Jerusalem
1991-08-?? European Patent Office Bulletin Disk Stoned
1991-07-?? Oracle Oracle Windows' DDE/Toolbox Demo Disk Stoned
1991-02-?? Praxis Software Engineers Rodime PLUS/RX WDEF A
1990-12-?? LAN Source Technologies Distributing Modem Protocall One Modem Evaluation Stoned
1990-11-?? Shimadzu Photo-detection Detec-tor SPD-M6A Version 2.14 Vienna
1990-11-?? PC Benelux World Unspecified Cascade 1704
1990-10-?? DOS-TREND Magazine Unspecified Stoned II
1990-10-?? Modular Circuit Technology Utility Disk Stoned
1990-07-?? PC Today Magazine Unspecified Disk-killer
1990-05-?? Softdisk Publishing Diskworld Diskette WDEF
1990-04-?? Far Side Moon Artdink Inc. PC Nambal / Nambal II
1990-04-?? Institute for Scientific Information CC-on-Diskette WDEF A
1990-01-?? MacPublishing Font Disk WDEF
199?-??-?? Three Unspecified European PC Gaming Magazines Cover CD-ROM CIH Virus
199?-??-?? Origin Systems Wing Commander (Download) CIH Virus
1988-10-01 Quantum Leap Technologies, Inc. QLTech MEGA-ROM nVir Virus



This list is not complete, yet it should make you realize that nothing is safe. Every piece of electronics you buy and every piece of software you install may come with malware pre-installed. Rather than manufacturers introducing a higher set of quality controls to prevent such incidents, we will no doubt see companies produce new products that will help keep you "safe" from such threats. These "controls" would doubtless be another band-aid on top of band-aids that make up a lucrative market, which is a sad commentary about how customers perceive and receive "electronic security".



Copyright 2008-2011 by Attrition.org. Permission is granted to quote, reprint or redistribute provided the text is not altered, and appropriate credit is given. Term "certified pre-owned" courtesy of Dan Geer.


Contact: errata[at]attrition.org
Support Us
FAQ
Ledger