Those Chinese Made Hard Drives

Xformed is discussing the hard drives made in China that came packaged with a Trojan horse virus installed. I think it is an interesting discussion, it goes back to concerns regarding trusting Chinese imports, which are taking a beating today. I'm not sure his information is completely accurate, as it is slightly different than the information we got comes from our weekly meeting/briefing with our security vender. It could be there is more than one incident, but some of the information matches.

Some have pointed to this incident as part of a larger problem of Chinese espionage on the United States, but in reality, it is part of a much broader criminal problem originating from China that goes completely unnoticed to most of the world, that world that ignores the complaints of online video gamers.

The hard drives in question are Maxtor brand, which is owned by Seagate. Only 1800 or so were infected, and they were chosen specifically. While it is true these large volume hard drives are often found in government, the hard drives are also very popular among that other super tech community, gamers.

As I have said before, I got started in IT in gaming. The gaming culture today, not just in the US but in the world, is high tech competitiveness and is so much larger than most people realize. The virus that was discovered on the Maxtor Basics Personal Storage 3200 hard drives built in China is called Win32.AutoRun.ah, which is a molar virus that searches for passwords to online games. The 'hackers' weren't trying to steal national secrets, rather they were looking to steal online gaming accounts for World of Warcraft and other online Massive Multiplayer Online Roleplaying Games.

That might sound silly, but there is big, big money in this type of theft. I have previously briefly discussed my involvement in the Real Money Trading (RMT) aspect of online gaming, but I'm not sure I ever really stated the potential. There are 1800 known cases of infected computer systems under this incident, if only 1% turned up account information for World of Warcraft, that would be 18 accounts. Depending upon the account, the potential exists to earn between an average of $150 and $250+ selling the equipment used by characters in the game. That could be anywhere between $1000 - $4000 dollars. When you consider the annual salary of the vast majority of 4+ year college degree professionals in China is about $5000 today, and lower for less educated workers (the typical IT worker may only earn $1500) you can see how only 1% returns on this hack might be very lucrative.

This type of crime is very common. For years the Chinese would scan gaming message boards constructed in PHP searching for known vulnerabilities, and once they exploited admin access they would query the database for the terms "pw" or "password" etc.. Ultimately, many, many US game accounts would be stolen by retrieving game account IDs and passwords through the history of private messages sent via those forums, and ultimately some gamer in the US would be ripped off by a Chinese IT worker who had stolen his gaming account info, stripped the game account of all the hard earned equipment that may have been accumulated through months or even years of gaming, and sold the stolen goods. This is simplistic cyber criminal behavior, hard to trace, and almost never cracked down on to this day. The gaming companies do not care. Big money on the gaming black market though, a RMT market that is now worth well over $1 billion dollars US total according to IGE back in 2005.

That $1 billion number might be low these days though, when we did RMT just a few years ago many people I know were clearing almost 6 figures without much effort, about 20 hours or so of gaming (or unattended gaming) a week.