[K3CAL] ALERT TO THOSE WHO HAVE PURCHASED CHEAP CHINESE H-Ts (I am one!)

Wa4prr wa4prr at comcast.net
Sat Mar 16 23:30:06 EDT 2013 

Ok to pass along.  This was sent to me as a member of the GSFC Amateur Radio Club.  I was not the only one to got one of the HTs at FrostFest.

Ron Byzet / WA4PRR - Sent from my iPad

On Mar 16, 2013, at 6:12 PM, "Jim Tetlow" <k3uga at yahoo.com> wrote:

> Thanks Ron, wonder if that same Trojan came with usb adaptor cables, that
> have been around for a few years? And if so I wonder if the various virus
> programs we are all running can detect and remove them???
> 
> Is this letter classified or could one forward it to the help center of the
> virus protection that is on ones computer? Thus far I haven't had any
> detection from Norton (yes I Know....) but I may want to send this along. 
> 
> Thanks for the heads up.
> 
> 73's, DE k3uga
> Jim Tetlow
> k3uga at yahoo.com
> 
> 
> 
> -----Original Message-----
> From: k3cal-bounces at mailman.qth.net [mailto:k3cal-bounces at mailman.qth.net]
> On Behalf Of Wa4prr
> Sent: Saturday, March 16, 2013 4:57 PM
> To: K3CAL at mailman.qth.net
> Subject: [K3CAL] ALERT TO THOSE WHO HAVE PURCHASED CHEAP CHINESE H-Ts (I am
> one!)
> 
> All who have or are thinking about purchasing a cheap Chinese H-T, please
> read the following alert I have received on the NASA ARC mail reflector!
> The radios are  OK, but the programming software with it has hidden VIRUS
> AND / or TROJAN HORSE programs!  See below.  73,
> 
> Ron Byzet / WA4PRR - Sent from my iPad
> 
> --------------------------------------------------------------
> This message traffic is of, by and for members and friends of the NASA
> Goddard Amateur Radio Club (GARC) and WA3NAN.
> --------------------------------------------------------------
> 
> FYI - software that comes with some Chinese products can be bad news,
> excerpts from some amateur radio e-mails...73 Ron N3AEA
> 
> ----------------------------------
> 
> A Colorado-based IT specialist and advisor to the military sends this
> caution about a dangerous bargain in the ham radio marketplace.
> 
> The best buy these days in handheld transceivers are the ones from Hong
> Kong. They are being purchased by amateurs, public service providers, and
> others in government organizations. Some versions have FCC and other type
> acceptance. The transceivers sell for a fraction of the price of comparable
> units from the big three yet can work all the amateur and public service
> frequencies from the civil aircraft band to the top of the public service
> UHF band. They have many memories and features and can be programmed from a
> PC. Powered by big lithium ion batteries (included) they are a steal for
> $55.00. 
> 
> Or so it would seem.
> 
> 
> I work for Digital Globe Incorporated, a government contractor we are
> working with the USG to resolve issues as they appear with regard to
> computer and Internet security. The software tools we use are among the
> strongest available anywhere (and as a result, the most intrusive and
> painful!)   So when I put the tiny driver CD that came with my [Chinese]
> handheld transceiver's programming cable into a machine to scan it I had no
> idea that the disk would pull an immediate alert. The alert was so strong
> that I could not go any further and determine contents, files, names of
> virus, and so forth.
> 
> 
> The CD was given to our computer security department. They will process it
> and forward the results to their USG contact. This is only the second time I
> have seen an alert this strong. The other time (last week actually) was
> while downloading a .pdf research paper from a university researcher's site.
> 
> 
> Lest anyone think otherwise, we are under attack. One might suspect that the
> "real" object of the exercise with regard to the very low cost of the Hong
> Kong HTs is the unseen present on the CDs. I'm not a conspiracy theory sort
> of guy; we can talk more about this at some point.
> 
> 
> I might suggest a neutrally worded warning to destroy any driver CDs that
> come with Hong Kong HTs; the Prolific USB/RS-232 drivers are available at no
> charge from US sites and the public domain open source CHIRP software is
> more than adequate for programming the radios in any event.
> 
> 
> UNCLASSIFIED
> 
> ___________________
> 
> "OK. So like a fool I spent $44 plus another $8 or $9 for the programming
> cable and software. The radio's OK - you get about what you pay for. Today,
> I placed the software CD in my PC, and I thought that before I executed
> anything I would run a virus & spyware scan. Found 2 files that were
> identified as high risk Trojans
> :
> BF-6665BF7775BF8885PROGRAMMINGSOFTWARE.rar.IBF-480.exe and
> PX-V5+Voice.rar|PXV5P+___.exe
> 
> Seems like they are a variety of "Trojan.Zip.Bredozp.b(v)", which is "a
> banking trojan that disables firewall, steals sensitive financial data
> (credit card numbers, online banking login details), makes screen snapshots,
> downloads additional components, and provides a hacker with the remote
> access to the compromised system." 
> 
> Yep! I got what I paid for! 73, John"
> 
> ______________________________________________________________
> K3CAL mailing list
> Home: http://mailman.qth.net/mailman/listinfo/k3cal
> Help: http://mailman.qth.net/mmfaq.htm
> Post: mailto:K3CAL at mailman.qth.net
> 
> This list hosted by: http://www.qsl.net
> Please help support this email list: http://www.qsl.net/donate.html
> 
> ______________________________________________________________
> K3CAL mailing list
> Home: http://mailman.qth.net/mailman/listinfo/k3cal
> Help: http://mailman.qth.net/mmfaq.htm
> Post: mailto:K3CAL at mailman.qth.net
> 
> This list hosted by: http://www.qsl.net
> Please help support this email list: http://www.qsl.net/donate.html

More information about the K3CAL mailing list