Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home > News > Security

March 31st, 2011, 10:45 GMT · By

Samsung Denies Accusations of Installing Keyloggers on Laptops

SHARE:

Adjust text size:


Samsung did not install StarLogger on laptops
Enlarge picture
Samsung has investigated claims that at least two of its laptop models were shipped preloaded with a keylogger and dismissed the incident as the result of an antivirus false positive detection.

NetSec Consulting Corp founder Mohamed Hassan reported yesterday that two laptop models from Smasung, namely R525 and R540, come infected with a keylogger.

Mr. Hassan's based his report on an alert from an antivirus program which detected the StarLogger malware in the "C:\WINDOWS\SL" directory.

The security professional compared the incident to Sony's bundling of a rookit for copy protection purposes on CDs in 2005.

The scandal resulting from that decision and the class action lawsuits that followed ended up costing Sony over $500 millions.

Samsung immediately launched an investigation and determined that the folder in question is part of the Slovenian language support for Microsoft’s Live application.

The false positive alert was generated by VIPRE Antivirus, a product developed by GFI Security (formerly Sunbelt). The company has since admitted and fixed the error.

"The detection was based off of a rarely-used and aggressive VIPRE detection method, using folder paths as a heuristic. I want to emphasize 'rarely', as these types of detections are seldom used, and when they are, they are subject to an extensive peer review and QA process," explained Alex Eckelberry, general manager of GFI Security.

Security researchers from F-Secure also confirmed that this is a false positive detection so it seems the security industry cleared Samsung of any shady behavior.

However, false positives can be a problem for businesses. Two years ago we wrote about one case where the of sales an UK online florist shop dropped by 50% after its legit marketing emails were tagged as infected by MessageLabs (now part of Symantec).

There are also cases when devices do indeed ship preloaded with malware, but intentionally. Such was the case of Vodafone Spain, which delivered 3,000 phones with infected microSD cards last year.

TELL US WHAT YOU THINK:

631 hits · Link to this article · Print article · Send to friend · Subscribe to news

MUST-READ RELATED ARTICLES:


3,000 Mobile Phones Shipped with Malware in Spain
Anti-virus Misdiagnosis Can Hurt Legitimate Businesses
Hardware Manufacturer Serves Malware-Infected Drivers

READER COMMENTS:



No user comments yet.
Be the first to express your opinion!
Copyright © 2001-2012 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2012 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use