The once-prolific Conficker worm has turned up in the most unlikely of places: Australian discount supermarket, Aldi. The worm was discovered pre-installed on a four-in-one external hard-drive, DVD, USB, and card reader combination device.
According to a warning from the Australian Computer Emergency Readiness Team (AusCERT), the Aldi supermarket chain is known to have sold the product at stores located in Australian state of Queensland.
It is recommended that anyone who might have bought one of these hard-drives format the hard disc drive and, if they can, run an anti-virus product on it before use.
SC Magazine Australia reported that Aldi would be recalling the products as well, but at the time of publication Threatpost had not yet heard back from Aldi for official confirmation.
The AusCERT report downplays the risk, saying, “The malware is extremely old, with some of the malware being seen since in August 2008. This is fortunate in one sense that most systems should detect this malware if they have antivirus installed.”
The sophisticated piece of malware first appeared in November of 2008, it was then and remains one of the largest active botnets around today, despite being widely recognized and detected by anti-virus products.
Accounts of hardware arriving pre-infected from the factory are unusual, but not unheard of. Mobile phones from Vodafone-HTC and Samsung have been discovered pre-loaded with malicious programs, including a client for the Mariposa botnet and a Trojan horse program. Dell confirmed in July, 2010, that some of its PowerEdge server motherboards were shipped to customers with malware code on the embedded server management firmware.