Aldi joins an extensive list of companies which have managed similar snafus in the past, including IBM (pre-infected USB keys, given away at a security conference, no less), Olympus (pre-infected cameras),Samsung (pre-infected phones) and Best Buy (pre-infected digital picture frames).
Oh, and Aldi (pre-infected PCs). That’s right – Aldi has done this before.
Last time, back in 2007, the virus it shipped was Angelina – a boot sector virus which relies on floppy disks to spread and was largely considered extinct, but obviously wasn’t. This time, I’m afraid we don’t yet have a name for the virus.
Someone from SophosLabs in North Sydney is making a dash to the local Aldi to see if he can find one that hasn’t been withdrawn from sale yet.
If we find out any more details, I’ll update this article; if not, I’m sure he’ll take the opportunity to pick up a few 24-packs of potato crisps and a couple of metric dozens of ice-cream cornets whilst he’s there, so it won’t be a wasted trip.
(Update: our field researcher reports that the afflicted devices have gone without a trace, or perhaps were never offered in stores. He sadly failed to return with any comestibles, but did admit to have been “eyeing the pizza oven and the meat slicing machine like in delis.” SophosLabs prosciutto pizza, anyone?)
Apparently, the affected device is an external 4-in-1 hard drive, DVD, USB and card reader device. It’s still being offered on-line, and at $99, it sounds like quite a useful peripheral to go with a budget netbook which doesn’t have much storage or memory card slots of its own. But if you’ve bought one, I recommend you give it a thorough virus scan.
Or simply zap the hard drive, removing and recreating all the partitions on it. You’ll lose all of the freebie software pre-installed on the hard disk, but that’s actually highly desirable since the one thing you now know is that you can’t trust any of it.
Aldi, one imagines, will now be shopping for a more reliable supplier of peripherals.