Earlier this week, we shared breaking news about Seagate selling 1,800 Trojan-horse-infected Maxtor hard drives at retail. I checked in with the company to learn the details, and see if they busted the perp. The official word:
The internal investigation by the contract manufacturer determined that the virus was accidentally transferred by one of its employees and not a malicious act.But accident, schmaccident: Seagate is taking some severe prevention measures to keep this from happening again, including extra anti-virus software—and metal detectors . The situation was more widespread than we originally knew, and anyone with a Maxtor Basics drive should probably read on.
Reuters reported that it was a Seagate disk discovered in Taiwan, but the truth is, the Maxtor Basics 3200 (aka PS 3200) is available all over the world, and the infected lot made its way to many regions including China, Russia and the Middle East. Our source confirmed that the problem was discovered internally almost two months ago, and only boiled over last week when the Taiwanese government got mad at China:
In late September, Seagate discovered that a virus had been introduced to one of our retail products from one contract manufacturer. Seagate put an immediate stop to the production line and quarantined the facility until we could confirm that all drives leaving the factory were free of the virus.People who bought PS 3200s can download a free version of Kaspersky Anti-Virus 7.0 on the Seagate PS3200 support page .
Maxtor explains that the extent of damage of the Chinese-made Trojan-horse was minor:
Investigation...showed it was a threat to gaming passwords only and that a virus scan...would rid the drive—and any system attached to it—of the virus. Also, there have been some references to the virus deleting MP3s. Although it is a minor inaccuracy, this is also incorrect. The original suspicion out of Kaspersky Labs was that MP3s were being deleted by the virus, but tests have since proved that it does not.As I mentioned, Seagate is claiming that the whole thing was an accident, and wasn't the deliberate act of someone who really really wanted Chinese gaming passwords. Nevertheless, the company has share with us its new prevention measures, which seem likely to keep the genuinely malicious from pulling off a virtual heist in the future:
• Test software verifies that each PS 3200 unit contains no files in the root directory and no files are hidden in the system files. The PS 3200 product line does not ship with any software.
• The PS 3200 test procedure has been updated to run each unit through three separate anti-virus software applications (Norton, McAfee, and Kaspersky Labs). Previously testing was conducted with one anti-virus application.
• Seagate has strictly limited employees access to the test PCs; all employees must now pass through metal detectors.
Metal detectors sound pretty hardcore, but I for one am satisfied. Hopefully other companies with similar manufacturing vulnerabilities will learn from Seagate's little misadventure. [Maxtor Basics 3200]