AsiaBizTech: HP Japan Distributes Computer Virus from Web Site; Cause is Lax Linux SecurityJan 24, 2001, 18:38 (21 Talkback[s])
[ Thanks to Bill Nuxli for this link. ]
"Hewlett-Packard Japan Ltd. (HP Japan) distributed device drivers without knowing a computer virus had infected its Web site from Dec. 17-19, 2000. The virus routed through Hewlett-Packard Australia Ltd.'s Linux server, which maintains software programs. HP deploys a strict security management system worldwide, but a small security hole in the system led to this occurrence."
"The virus that attacked HP Japan is a known virus called "W32/Funlove" (alias PE_FUNLOVE.4099). It broke into HP Japan's Web site that provides printer drivers and BIOS (Basic Input Output System) for PC servers, and infected 51 programs of these files. HP Japan started a download service for these files at noon on Dec. 17, 2000, and stopped the service at 3 p.m. on Dec. 19 after receiving complaints from users."
"Another reason was that the server in Australia was Linux-based. "In a Linux environment, there is no software tool that is capable of automatically checking for viruses on writing files and, therefore, we could not prevent the virus from infecting files," an HP Japan official said."