The British Ministry Department of Education distributed several thousand Windows notebooks to students, some of which contained malware. The malware communicated with Russian servers to download more malware.
In the UK, there is a student program that lends (borrows) laptops and tablet PCs to participate in home education. But the UK Department of Education provided laptops containing malware to students.
Windows 10 laptops provided to schools by the government program Get Help With Technology (GHWT) were pre-installed with the Gamarue malware. This is a remote access worm from the 2010s that is low-profile, according to The Sign up.
The German BSI he says but that it is a program λήψηof malware that can reload the malware and run it on the infected system.
In the case of Andromeda / Gamarue, this could be, for example, the banking Trojans Citadel, Rovnix or UrlZone / Bebloh.
Additionally, Andromeda/Gamarue can gain additional features with the help of plugins. Among other things, there is a plugin that blocks data access from both email accounts and from programs FTP and forwards them to the malware administrators. As reported by The Register, a batch of 23.000 computers are affected.
These Appliances were shipped in the past three to four weeks, although it is unclear how many of them are infected. The BBC though he says that few devices have been infected.
Specifically, the affected devices are the GeoBook 1E, manufactured by the Shenzhen-based Tactus team. It is currently considered that the malware was pre-installed on the devices by the manufacturer.