Boot virus shipped on German laptops

Aged malware installed on batch of Vista systems.

A consignment of laptops from German manufacturer Medion, sold through German and Danish branches of giant retail chain Aldi, have been found to be infected with the boot sector virus 'Stoned.Angelina', first seen as long ago as 1994 and last included on the official WildList in 2001.

According to German sources, anywhere between 10,000 and 100,000 systems may be infected, but as the machines apparently ship without floppy drives the virus is unlikely to spread. The systems come pre-installed with Windows Vista and Bullguard anti-virus, which will warn of the 'harmless' infection on booting the machines, but is unable to remove it.

Bullguard has provided a special removal tool to remove the offending code, but the incident has highlighted the vulnerability of newer security products to older threats thought long extinct. Some products may even have removed modules designed do deal with boot sector viruses and other elderly threats to improve performance.

'This is a reminder that old viruses never really die,' said John Hawes, Technical Consultant at Virus Bulletin. 'Malware that's been off the radar for years often pops up when least expected, after someone digs out an old floppy or boots up an ancient system, and security firms have a duty to maintain protection against older threats for just this kind of eventuality. It should also remind product makers of the need for thorough security processes and screening before releasing products to market - in this case the only real harm has been to the manufacturer's reputation, but shipping infected goods can have much more serious consequences.'

A report on the incident from heise security (in German) is here, with an announcement from Medion (also in German) here. Removal instructions from Bullguard are here.

Tags: boot sector virus, bullguard, germany, virus. Posted on 14 September 2007 by Virus Bulletin.

 del.icio.us  digg this! digg this

Quick Links

Poll
Should software vendors extend support for their products on Windows XP beyond the end-of-life of the operating system?
Yes - it keeps their users secure
No - it encourages users to continue to use a less secure OS
I don't know
Leave a comment
View 24 comments

Jobs Recruit Sidebar

Virus Bulletin
In this month's magazine:
  • VBSpam comparative review March 2014
  • VB100 comparative review on Ubuntu Server 12.04LTS
  • The shape of things to come
  • Threat intelligence sharing: tying one hand behind our backs
  • The curse of Necurs, part 1
  • More fast or more dirty?
  • Tofsee botnet
  • Back to VBA
  • Is the security industry up to the new challenges to come?
  • Greetz from academe: No place to Hyde
Virus Bulletin 04 2014
Subscribe now!

Virus Bulletin currently has 231,305 registered users.