The viruses were discovered when Microsoft’s digital crime investigators bought 20 PCs, 10 desktops and 10 laptops from different cities in China, out of which four were infected with malicious programmes even though they were fresh from the factory.
The virus called Nitol found by Microsoft steals personal details to help criminals plunder online bank accounts.
Nitol was the most pernicious of the viruses Microsoft caught because, as soon as the computer was turned on, it tried to contact the command and control system set up by Nitol’s makers to steal data from infected machines.
Further investigation revealed that the botnet behind Nitol was being run from a web domain that had been involved in cybercrime since 2008. Also on that domain were 70,000 separate sub-domains used by 500 separate strains of malware to fool victims or steal data.
The malware, according to Microsoft’s digital crimes unit, is capable of remotely turning on an infected computer’s microphone and video camera, potentially giving a cybercriminal eyes and ears into a victim’s home or business.
A US court has given Microsoft permission to seize control of the web domain, 3322.org, registered to a Chinese businessman named Peng Yong, which it claims is involved with the Nitol infections.