[K3CAL] ALERT TO THOSE WHO HAVE PURCHASED CHEAP CHINESE H-Ts (I am one!)

[Wa4prr]

All who have or are thinking about purchasing a cheap Chinese H-T, please read the following alert I have received on the NASA ARC mail reflector!  The radios are  OK, but the programming software with it has hidden VIRUS AND / or TROJAN HORSE programs!  See below.  73,

Ron Byzet / WA4PRR - Sent from my iPad

--------------------------------------------------------------
This message traffic is of, by and for members and friends
of the NASA Goddard Amateur Radio Club (GARC) and WA3NAN.
--------------------------------------------------------------

FYI - software that comes with some Chinese products can be bad news, excerpts from some amateur radio e-mails...73 Ron N3AEA

----------------------------------

A Colorado-based IT specialist and advisor to the military sends this caution about a dangerous bargain in the ham radio marketplace.

The best buy these days in handheld transceivers are the ones from Hong Kong. They are being purchased by amateurs, public service providers, and others in government organizations. Some versions have FCC and other type acceptance. The transceivers sell for a fraction of the price of comparable units from the big three yet can work all the amateur and public service frequencies from the civil aircraft band to the top of the public service UHF band. They have many memories and features and can be programmed from a PC. Powered by big lithium ion batteries (included) they are a steal for $55.00. 

Or so it would seem.


I work for Digital Globe Incorporated, a government contractor we are working with the USG to resolve issues as they appear with regard to computer and Internet security. The software tools we use are among the strongest available anywhere (and as a result, the most intrusive and painful!)   So when I put the tiny driver CD that came with my [Chinese] handheld transceiver's programming cable into a machine to scan it I had no idea that the disk would pull an immediate alert. The alert was so strong that I could not go any further and determine contents, files, names of virus, and so forth.


The CD was given to our computer security department. They will process it and forward the results to their USG contact. This is only the second time I have seen an alert this strong. The other time (last week actually) was while downloading a .pdf research paper from a university researcher's site.


Lest anyone think otherwise, we are under attack. One might suspect that the "real" object of the exercise with regard to the very low cost of the Hong Kong HTs is the unseen present on the CDs. I'm not a conspiracy theory sort of guy; we can talk more about this at some point.


I might suggest a neutrally worded warning to destroy any driver CDs that come with Hong Kong HTs; the Prolific USB/RS-232 drivers are available at no charge from US sites and the public domain open source CHIRP software is more than adequate for programming the radios in any event.


UNCLASSIFIED

___________________

"OK. So like a fool I spent $44 plus another $8 or $9 for the
programming cable and software. The radio's OK - you get about what you
pay for. Today, I placed the software CD in my PC, and I thought that
before I executed anything I would run a virus & spyware scan. Found 2
files that were identified as high risk Trojans
:
BF-6665BF7775BF8885PROGRAMMINGSOFTWARE.rar.IBF-480.exe and
PX-V5+Voice.rar|PXV5P+___.exe 

Seems like they are a variety of "Trojan.Zip.Bredozp.b(v)", which is "a banking trojan that disables firewall, steals sensitive financial data (credit card numbers, online banking login details), makes screen snapshots, downloads additional components, and provides a hacker with the remote access to the compromised system." 

Yep! I got what I paid for! 73, John"