Vista attacked by 13-year-old virus

Stoned.Angelina socks it to 'em


Updated A batch of laptops pre-installed with Windows Vista Home Premium was found to have been infected with a 13-year-old boot sector virus.

Those of you with a long memory will vividly recall the year 1994: Nirvana's lead singer Kurt Cobain died, South Africa held its first multi-racial elections, and Tony Blair became leader of the Labour party. Oh, and Microsoft's operating system was the quaint, pre-NT Windows for Workgroups.

But it was a year that also saw the arrival of a boot sector computer virus known as Stoned.Angelina which moved the original master boot record to cylinder 0, head 0, sector 9.

It would appear that this teenage virus has not yet been consigned to the history books.

According to Virus Bulletin, the consignment of infected Medion laptops – which could number anything up to 100,000 shipments – had been sold in Danish and German branches of retail giant Aldi.

The computers had been loaded with Microsoft's latest operating system Vista and Bullguard's anti-virus software, which failed to detect and remove the malware.

Although the infection itself is harmless, Stoned.Angelina will undoubtedly have left Microsoft and Bullguard execs blushing with embarrassment about the apparent flaws in their software which allowed an ancient virus to slip through the back door.

On its website Bullguard offered some reassurance to Medion customers hit by the virus:

"Stoned.Angelina is a low-risk boot virus that infects the MBR (Master Boot Record) of hard disks. This is a very old virus. Apart from its ability to spread from computer to computer, it carries no payload (damage) to the systems it infects."

It added that the virus commonly spreads by being booted from an infected floppy disk, and causes no damage to the operating system.

Virus Bulletin technical consultant John Hawes said: "This is a reminder that old viruses never really die.

"Malware that's been off the radar for years often pops up when least expected, after someone digs out an old floppy or boots up an ancient system, and security firms have a duty to maintain protection against older threats for just this kind of eventuality." ®

Update

Bullguard contacted The Register to point out that although the firm's software failed to remove the virus it had in fact detected the presence of the ancient malware on the affected Vista machines.

The firm's PR and technology consultant Benjamin Verduign told us that because the virus had laid dormant for so long signature files were no longer present in its anti-virus software to clean up the virus.

He explained that software and anti-virus firms have to regularly make judgement calls over which signature files should be present in the boot sector. Too many could impact the speed at which a machine boots which can be frustrating for the user, Verduign said.

He conceded that the "unfortunate" issue could cause embarrassment for Microsoft and Bullguard but also pointed out that the anti-virus firm's development team had quickly provided a "tailor-made" Vista fix as soon as it learned of the problem.

Asked if this means we could see a resurgence of old viruses attacking new operating systems, Verduign said: "This is not so much a wake-up call but more a reminder" and added that it would be impossible to ever "completely eradicate a virus."


Other stories you might like

  • Stolen university credentials up for sale by Russian crooks, FBI warns
    Forget dark-web souks, thousands of these are already being traded on public bazaars

    Russian crooks are selling network credentials and virtual private network access for a "multitude" of US universities and colleges on criminal marketplaces, according to the FBI.

    According to a warning issued on Thursday, these stolen credentials sell for thousands of dollars on both dark web and public internet forums, and could lead to subsequent cyberattacks against individual employees or the schools themselves.

    "The exposure of usernames and passwords can lead to brute force credential stuffing computer network attacks, whereby attackers attempt logins across various internet sites or exploit them for subsequent cyber attacks as criminal actors take advantage of users recycling the same credentials across multiple accounts, internet sites, and services," the Feds' alert [PDF] said.

    Continue reading
  • Big Tech loves talking up privacy – while trying to kill privacy legislation
    Study claims Amazon, Apple, Google, Meta, Microsoft work to derail data rules

    Amazon, Apple, Google, Meta, and Microsoft often support privacy in public statements, but behind the scenes they've been working through some common organizations to weaken or kill privacy legislation in US states.

    That's according to a report this week from news non-profit The Markup, which said the corporations hire lobbyists from the same few groups and law firms to defang or drown state privacy bills.

    The report examined 31 states when state legislatures were considering privacy legislation and identified 445 lobbyists and lobbying firms working on behalf of Amazon, Apple, Google, Meta, and Microsoft, along with industry groups like TechNet and the State Privacy and Security Coalition.

    Continue reading
  • SEC probes Musk for not properly disclosing Twitter stake
    Meanwhile, social network's board rejects resignation of one its directors

    America's financial watchdog is investigating whether Elon Musk adequately disclosed his purchase of Twitter shares last month, just as his bid to take over the social media company hangs in the balance. 

    A letter [PDF] from the SEC addressed to the tech billionaire said he "[did] not appear" to have filed the proper form detailing his 9.2 percent stake in Twitter "required 10 days from the date of acquisition," and asked him to provide more information. Musk's shares made him one of Twitter's largest shareholders. The letter is dated April 4, and was shared this week by the regulator.

    Musk quickly moved to try and buy the whole company outright in a deal initially worth over $44 billion. Musk sold a chunk of his shares in Tesla worth $8.4 billion and bagged another $7.14 billion from investors to help finance the $21 billion he promised to put forward for the deal. The remaining $25.5 billion bill was secured via debt financing by Morgan Stanley, Bank of America, Barclays, and others. But the takeover is not going smoothly.

    Continue reading

Biting the hand that feeds IT © 1998–2022