Welcome to WebmasterWorld Guest from 50.19.0.90

Forum Moderators: open

Message Too Old, No Replies

Dell warns of malware on replacement server motherboards

PowerEdge R310, PowerEdge R410, PowerEdge R510 and PowerEdge T410

     
4:53 pm on Jul 22, 2010 (gmt 0)

Moderator from US 

WebmasterWorld Administrator travelin_cat is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Feb 28, 2004
posts: 3115
votes: 2


As part of Dellís quality process, we have identified a potential issue with our service mother board stock... The potential issue involves a small number of PowerEdge server motherboards sent out through service dispatches that may contain malware. This malware code has been detected on the embedded server management firmware...


[en.community.dell.com...]

<added>:

There are important pieces of information to note:

1. This issue does not affect any Dell PowerEdge servers shipped from our factories and is limited to a small number of the replacement motherboards only which were sent via Dellís service and replacement process for four servers: PowerEdge R310, PowerEdge R410, PowerEdge R510 and PowerEdge T410. The maximum potential exposure is less than 1% of these server models.

2. Dell has removed all impacted motherboards from the service supply. New shipping replacement stock does not contain the malware.

3. TheW32.Spybot worm was discovered in flash storage on the motherboard during Dell testing. The malware does not reside in the firmware.

4. All industry-standard antivirus programs on the market today have the ability to identify and prevent the code from infecting the customerís operating system.

5. Systems running non-Microsoft Windows operating systems cannot be affected.

6. Systems with the iDRAC Express or iDRAC Enterprise card installed cannot be affected.

7. Remaining systems can only be exposed if the customer chooses to run an update to either Unified Server Configurator (USC) or 32-bit Diagnostics.

[edited by: Brett_Tabke at 1:37 am (utc) on Jul 23, 2010]
[edit reason] added updated info [/edit]

5:06 pm on July 22, 2010 (gmt 0)

Senior Member from KZ 

WebmasterWorld Senior Member lammert is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 10, 2005
posts: 2886
votes: 1


Get your server repaired and receive free bonus software!

This is not comparable with the average cross site scripting hack or even infecting USB sticks. Developing malware to be embedded in the firmware of a server line and being able to inject it somewhere in the logistical process of the repair stock requires knowledge, careful planning and people on crucial positions.
5:28 pm on July 22, 2010 (gmt 0)

Moderator from US 

WebmasterWorld Administrator lifeinasia is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Dec 10, 2005
posts:5550
votes: 24


requires knowledge, careful planning and people on crucial positions.

Queue up "Mission:Impossible" theme music!

Wow, and to have it happen in a company like Dell.

I can't wait for the first "Dude, you're getting malware!" YouTube parody of the old Dell commercials.
6:12 pm on July 22, 2010 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member pageoneresults is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Apr 27, 2001
posts: 12166
votes: 51


Aren't those motherboards manufactured in China?
6:17 pm on July 22, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Jan 30, 2006
posts:1599
votes: 1


^ yes, I really wish we had some state side fab outfits.

Its needed purely based on national security, we can't trust china to ship us clean trouble free boards.
8:09 pm on July 22, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Feb 21, 2001
posts:1281
votes: 0


Cue china bashing
we can't trust china to ship us clean trouble free boards
Cos we know the U.S. is never the source of any spam, viruses, malware... its always those scary foreigners
8:16 pm on July 22, 2010 (gmt 0)

Moderator from US 

WebmasterWorld Administrator travelin_cat is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Feb 28, 2004
posts:3115
votes: 2


I think a better comment would have been "we can't trust any foreign country to ship us clean trouble free boards".

China may make the lion's share of computer equipment, but they are not the sole supplier of chips, boards and other hardware/software in machines used in the U.S.
8:46 pm on July 22, 2010 (gmt 0)

Junior Member

10+ Year Member

joined:July 1, 2004
posts:139
votes: 0


Its worth repeating:

Cos we know the U.S. is never the source of any spam, viruses, malware... its always those scary foreigners
8:56 pm on July 22, 2010 (gmt 0)

Moderator from US 

WebmasterWorld Administrator travelin_cat is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Feb 28, 2004
posts:3115
votes: 2


No argument there. However, what you are referring to is software. The way I see it, when you have a foreign country, any foreign country, supply hardware that will be used on equipment that could be put in computers used by the government, there is always a possibility that something malicious will happen.
9:10 pm on July 22, 2010 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:6148
votes: 282


Cos we know the U.S. is never the source of any spam, viruses, malware... its always those scary foreigners


It's scary foreigners distributing spam, virii and malware via U.S. servers. And some U.S. folks, too. There's bad actors everywhere, but when it gets to the hardware level, that's a real problem.
10:26 pm on July 22, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Jan 30, 2006
posts:1599
votes: 1



Cos we know the U.S. is never the source of any spam, viruses, malware... its always those scary foreigners


apples, oranges.

you can't compare a USA fab line and QA vs some guy in his basement with an agenda.
10:43 pm on July 22, 2010 (gmt 0)

Junior Member

10+ Year Member

joined:July 1, 2004
posts:139
votes: 0


Can anyone confirm that the effected hardware was manufactured outside the US? Can anyone confirm that the malicious software (see below) was injected into the flash storage by someone outside the US?

The only information I found was this: "The W32.Spybot worm was discovered in flash storage on the motherboard during Dell testing. The malware does not reside in the firmware."
11:20 pm on July 22, 2010 (gmt 0)

Moderator from US 

WebmasterWorld Administrator robert_charlton is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 11, 2000
posts:11314
votes: 165


Cos we know the U.S. is never the source of any spam, viruses, malware... its always those scary foreigners

That's because we don't make anything here any more... we just market and sell it. ;)
12:03 am on July 23, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Jan 30, 2006
posts:1599
votes: 1


uh people, this isn't the 1st time tainted hardware has left china US bound. This just might be the 1st time you've heard of it but not me, this has been going on since the 90's.

just like those digital picture frames with a payload headed for your PC as soon as you plugged it in via usb.

Not china bashing just something that has been going on for a very long time.
12:47 am on July 23, 2010 (gmt 0)

Junior Member

5+ Year Member

joined:Sept 12, 2009
posts: 137
votes: 0


Wow, this could be next generation espionage, where the brand new computer it self comes with infected codes.

imagine, if these codes are thought how to escape antivirus while the antivirus is being installed, and these codes has the ability to connect with computers with similar infection and if there are 100s of such computers already in the market, oh! we are talking about a supper computer hidden in the network to steal you..

I dont know, i just cant stop thinking on this, may be i should go and start writing a book or make film on this! :-)
1:34 am on July 23, 2010 (gmt 0)

Senior Member from KZ 

WebmasterWorld Senior Member lammert is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 10, 2005
posts: 2886
votes: 1


Aren't those motherboards manufactured in China?

Probably, and if you read the linked site, all the newly shipped motherboards are clean. The infection only appears on service parts which are likely to have gone through a refurbishment process inside the US.
11:44 am on July 23, 2010 (gmt 0)

Preferred Member

10+ Year Member

joined:Feb 25, 2003
posts:418
votes: 0


This story is coming just a few weeks after the another widely reported story related to a lawsuit against Dell for a few million faulty motherboards in Dell Optiplex desktops. Dell shipped faulty motherboards to replace motherboards on PCs that have already failed. Large customers including the law firm defending the Dell in lawsuit were affected by the faulty computers due to the same defect.

[cnbc.com...]

Similar thing seems to have happened here. They shipped virus laced boards to replace the faulty boards in servers. Dell is used to these kind of incidents. So nothing to worry.
1:23 pm on July 23, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Dec 29, 2001
posts:1081
votes: 16


Sounds like a motherboard manufacturing organization just lost a good client.

Foolish...
2:30 pm on July 23, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member billys is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:June 1, 2004
posts:3181
votes: 0


iThink - if you build computers, that's not news. Many motherboards (new and refurbished) were plagued by leaking capacitors in the 2004 timeframe. I was running SETI@home when I first noticed my pc would reboot randomly. The problem was SETI@home caused my machine to run hot, thereby exposing the capacitor problem.

I do agree this is a national security concern. I don't care where they're made, but with these devices running our country, the exposure is enormous.
3:49 pm on July 23, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Feb 21, 2001
posts:1281
votes: 0


Cos we know the U.S. is never the source of any spam, viruses, malware... its always those scary foreigners
hmmm... seems I need to explain: That was sarcasm, my amazement at the speed of zenaphobic assumptive blame - over enquiry into the cause. Everything is not about national security and scary foreigners remotely controlling your toaster.