In a recent investigation, Microsoft purchased 169 PCs from shops in China and found that all were installed with pirated versions of Windows, with 91 percent of them containing malware or deliberate security vulnerabilities.
“What we are finding is that increasingly cybercriminals are targeting both businesses and consumers right here in China,” said Nick Psyhogeos, vice president of Microsoft’s original equipment manufacturer (OEM) business solutions group.
The U.S. company has long battled China’s software piracy, which is among the highest in the world. Last year China’s illegal software market was valued at close to US$9 billion, while the legal market was valued at $2.7 billion, according to a study by the Business Software Alliance.
Microsoft last week said users of the counterfeit Windows software are often saddled with unreliable PCs running malware that can steal users’ credit card and bank account information. The anti-piracy campaign was launched during a busy holiday season in the country.
Infected PCs found
Over an 18-month period, Microsoft said it conducted its “most extensive forensic survey” of PCs bought in China, by purchasing computers from Chinese shops and “IT malls,” which can feature dozens of different small vendors in one building. Of the 169 PCs running pirated versions of Windows, 59 percent were already infected with malware, and 72 percent featured altered Internet browsing settings that intentionally sent users to scam and phishing websites.
Some of these PCs contained a malware known as “Nitol,” which when activated through a preinstalled music player can remotely log user keystrokes and spy on users through the computer’s webcam. More than 70 percent of the systems also had their Windows update, Windows firewall, and user account control warning functions disabled, making them vulnerable to cyber attack.
“Counterfeiters have pitched this story to consumers that software piracy or pirated products themselves don’t cost anything, they’re free. They’ve also pitched the story that it works just fine, it’s good enough,” said Psyhogeos in a media briefing. “Neither of those statements are accurate.”
The PC brands that were found preinstalled with counterfeit Windows software include big names such as Acer, Asus, Dell, HP, Lenovo, along with smaller Chinese vendors. But Microsoft said the piracy is believed to come from further downstream in the supply chain, through resellers who are loading the counterfeit software and malware into the products in order to lower the cost of PCs sold.
OEMs that make the PCs will often install a non-Windows operating system such as FreeDOS on the product, Psyhogeos said. This makes it highly likely that a third-party will later install a pirated version of Windows on the PC during its distribution.
As part of Microsoft’s new “Keep it Real” campaign, the company has notified 16 Beijing-based resellers, who were found repeatedly selling PCs pre-installed with counterfeit Windows versions, to stop the piracy. Microsoft will consider legal action as a last resort.