Post by bisal37 on Mar 12, 2024 7:16:23 GMT
Owned and operated by Shenzhen Shanminheng Technology, a Chinese technology company, AceMagic is known for its extensive line of mini PCs that provide high performance at affordable prices. However, the company has now been forced to admit that it shipped at least one batch of devices with factory-installed spyware. The issue came to light after John Freeman of YouTube channel The Net Guy Reviews tested the AceMagic AD08 mini PC and found it contained files identified by Windows Defender as malware. He claims that other models marketed by AceMagic, including the AD15 and S1, also contain similar malware. All of these devices are sold on Amazon, potentially compromising users' privacy and security.
According to the YouTuber, he first noticed the problem when the built-in Windows security software detected suspicious files in the recovery partition on the device's SSD. Upon closer inspection, he found the two problematic executables - ENDEV and EDIDEV - hidden in the "OsVer" subfolder inside the Windows installation folder. Further investigation revealed that the two files were part of the Bladabindi and Redline spyware families. Redline is known to steal browser passwords, empty crypto wallets, and hijack various important website accounts such as Steam, Filezilla, Telegram, and more. It can also steal VPN data, track your IP address, and evade antivirus detection by encrypting part of its source code.
Once a machine is infected, it can send your personal information to malicious actors. Meanwhile, Bladabindi is a backdoor Trojan that provides remote access to hackers to steal data. Worryingly, these files were also found in the recovery folder, meaning they will be reinstalled even if you wipe the C:/ drive and reinstall Windows using the built-in 'Recovery' feature. A full system scan also found additional unknown files in the Windows folder. A VirusTotal scan identified them as malware. Interestingly, Freeman purchased another AceMagic AD08 mini PC from Amazon and found it to be free of the malware problems that affected the first device.