Virus

Recently, technical blogs and Twitter feeds were full of rants about laptop manufacturer Samsung after Network World published an article with a shocking accusation; Samsung was distributing new laptops with a commercial keylogger installed. Keyloggers are malicious, secret programs used to capture everything typed on a computer, passwords, personal information – everything. In this case, the keylogger could also send the collected information to a third party without the knowledge of the user.

Collective outrage spread like a viral video across the web, complete with threats of a class action lawsuit and warnings that suggested Samsung was stealing passwords and capturing screen shots. The anger was understandable and even justified, except for one tiny detail, it wasn’t true. Queue dramatic music.

In the Network World article, a security consultant claimed to have found the commercial keylogger StarLogger installed on brand-new Samsung laptops after performing a virus scan. Mistake number one.  The analyst reported that he confronted Samsung about the discovery, and that support personnel confirmed the company was aware of the software and even suggesting it was used to monitor machine performance. Mistake number two. Without confirming the findings with alternate virus scanners or another third party, the analyst published the story to Network World where chaos ensued. Mistake number three – the perfect trifecta.

Further examination found there was no keylogger; it was a false positive by the anti-Virus software. Samsung, who was shocked as the rest of us by the claims, immediately denied the accusation and began an internal investigation. The company has released an official statement that confusion occurred to control any residual damage. Continued exploration for the source of the Samsung employee who confirmed the existence of the keylogger found that call center employees had agreed with the analyst to end the call. The call center supervisor said that when the caller’s issue could not be resolved it was easier to agree and make up a reason that aligns with their theory.

This chain of events, while personally amusing, actually contains several lessons that can be beneficial to average computer users.

• Virus and malware can affect even trusted companies and sites. You cannot assume safety. It is your responsibility to protect yourself from security breaches.
• Keyloggers are a very dangerous form of malware. Users should ensure anti-virus programs or malware removal services have specific capabilities for identifying and disabling these dangerous programs.
• Anti-virus software can be wrong. It can miss virus. It can create false reports. To minimize this possibility, you should keep your preferred anti-virus updated at all times.

It’s been quite an exciting week; too bad this didn’t happen on April 1^st.

Related posts: The Information Safety Net