EDIT: Dons, this is a general news item that potentially affects a lot of people and is up for discussion. That's why it's in GD, so please don't move it to a more remote sub forum like Laptops or Windows. Thanks. 
According to Sophos Naked Security blog Samsung is reportedly selling laptops which come pre-installed with an unexpected piece of software. The laptops contain the 'StarLogger' rootkit/keylogger, which launches silently with Windows and then records every keystroke unknowing buyers make.
That includes all documents and emails typed out, all passwords, all online posts - everything. The keylogger/rootkit periodically uploads the data (and screenshots!) to an unspecified email address.
I actually had to check it wasn't the 1st April already. I'm absolutely amazed that an OEM like Samsung would do this, especially after the Sony audio CD rootkit scandal. I'd strongly advise anyone with a Samsung laptop to do a scan with a decent anti-malware suite, as well as to manually check for a directory called C:\Windows\SL which is where the malware lives.
Amazingly Samsung have admitted that this is happening. I see huge lawsuits on the horizon, and I've lost a lot of respect for them. For shame, Samsung.
More info from the guy who first reported this is here.
UPDATE: An addendum posted on Sophos' blog.
UPDATE 2: Better Nate than lever... or something... Here's a response from Samsung pooh-poohing the original article. It seems this IT 'consultant' and Network World have some explaining to do! I've also RTM'd the post to request a title change to reflect the latest information.
According to Sophos Naked Security blog Samsung is reportedly selling laptops which come pre-installed with an unexpected piece of software. The laptops contain the 'StarLogger' rootkit/keylogger, which launches silently with Windows and then records every keystroke unknowing buyers make.
That includes all documents and emails typed out, all passwords, all online posts - everything. The keylogger/rootkit periodically uploads the data (and screenshots!) to an unspecified email address.
I actually had to check it wasn't the 1st April already. I'm absolutely amazed that an OEM like Samsung would do this, especially after the Sony audio CD rootkit scandal. I'd strongly advise anyone with a Samsung laptop to do a scan with a decent anti-malware suite, as well as to manually check for a directory called C:\Windows\SL which is where the malware lives.
Amazingly Samsung have admitted that this is happening. I see huge lawsuits on the horizon, and I've lost a lot of respect for them. For shame, Samsung.
More info from the guy who first reported this is here.
UPDATE: An addendum posted on Sophos' blog.
UPDATE 2: Better Nate than lever... or something... Here's a response from Samsung pooh-poohing the original article. It seems this IT 'consultant' and Network World have some explaining to do! I've also RTM'd the post to request a title change to reflect the latest information.
Last edited:
