Asus warns of infected Eee Box PCs

Units shipped with malware

Asus Eee Boxes have been affected, although it is unclear what percentage

Asustek has issued an alert after a number of its Eee Box desktop PCs were found to contain malware.

The company has informed Eee Box owners in Japan, although it is unclear whether machines in other parts of the world are affected.

At least one hardware review site in the UK is reporting an infection on its Eee Box unit, but it is not known whether the malware was shipped with the box or if the machine was infected at a later date.

The systems in Japan are said to be infected with a virus which spreads itself through removable drives, and may log system information.

The virus dates back to 2006 and can be detected and removed by a number of security suites. Other Asus models are not believed to be affected.

Asustek is not the first company to accidentally ship an infected product. Last year, hard drive vendor Seagate inadvertently shipped an infected batch of hard disks, while European retailer Medion unknowingly sold PCs containing an archaic floppy disk virus.

Graham Cluley, senior security consultant at Sophos, said that, while it is still unclear as to how the infection occurred, there are several possible scenarios.

"It is not clear at the moment whether all Asus Eee devices are affected or just a percentage," Cluley wrote in a blog posting.

"If it is all, then clearly the image that Asus is putting onto its hard drives has not been properly audited, but if only some are infected then it is possible that this was an issue introduced at quality control.

"Perhaps a percentage of Asus Eee Boxes were tested on the conveyor belt for quality control reasons using an infected USB stick."