Browse Definitions:
Definition

pre-installed malware

Contributor(s): Matthew Haughn

Pre-installed malware is malicious software that is put on a machine before it is delivered to the user.

New devices are usually assumed to be uncompromised but there are numerous reports of malicious software existing on new hardware. Malware may be installed on computing devices by disgruntled employees, organized crime figures, government officials or the manufacturer.

Pre-installed malware comes in many forms as standard malware, from fake applications to invisible spyware programs.

A few examples of pre-installed malware:

  • Android smartphones have been sold with pre-installed with a fake Netflix app that steals user credit card data.
  • Point-of-sale (POS) card readers have been delivered with pre-installed sniffer programs. 
  • USB drives and cameras given out as gifts at trade shows have had pre-installed Trojans that enable remote access to the recipients' computers.
  • SmartScreen in Windows 8.1 reportedly has pre-installed spyware that records every piece of software a user installs and has the capacity to disable software or hardware. 
  • According to its own report, the NSA (National Security Agency) routinely intercepts servers, routers and other devices being shipped overseas and builds backdoor surveillance technologies into them. 

 

See also: government Trojan

 

This was last updated in July 2014

Continue Reading About pre-installed malware

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

  • risk map (risk heat map)

    A risk map, also known as a risk heat map, is a data visualization tool for communicating specific risks an organization faces.

  • internal audit (IA)

    An internal audit (IA) is an organizational initiative to monitor and analyze its own business operations in order to determine ...

  • pure risk (absolute risk)

    Pure risk, also called absolute risk, is a category of threat that is beyond human control and has only one possible outcome if ...

SearchSecurity

  • FIDO (Fast Identity Online)

    FIDO (Fast ID Online) is a set of technology-agnostic security specifications for strong authentication. FIDO is developed by the...

  • cryptanalysis

    Cryptanalysis is the study of ciphertext, ciphers and cryptosystems with the aim of understanding how they work and finding and ...

  • Trojan horse (computing)

    In computing, a Trojan horse is a program that appears harmless, but is, in fact, malicious.

SearchHealthIT

SearchDisasterRecovery

  • business continuity and disaster recovery (BCDR)

    Business continuity and disaster recovery (BCDR) are closely related practices that describe an organization's preparation for ...

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • call tree

    A call tree -- sometimes referred to as a phone tree -- is a telecommunications chain for notifying specific individuals of an ...

SearchStorage

  • personal cloud storage (PCS)

    Personal cloud storage (PCS) enables users to store data, photos, music, videos and other files on a local network-attached ...

  • cloud SLA (cloud service-level agreement)

    A cloud SLA (cloud service-level agreement) is an agreement between a cloud service provider and a customer that ensures a ...

  • wear leveling

    Wear leveling is a process that is designed to extend the life of solid-state storage devices.

SearchSolidStateStorage

  • hybrid hard disk drive (HDD)

    A hybrid hard disk drive is an electromechanical spinning hard disk that contains some amount of NAND Flash memory.

Close