The British Ministry of Education distributed several thousand Windows notebooks to students, some of which contained malware. The malware was communicating with Russian servers to download more malware.
In the UK, there is a student program that lends (borrows) laptops and tablet PCs to participate in home education. But the UK Department of Education provided laptops containing malware to students.
Windows 10 laptops provided to schools by the government program Get Help With Technology (GHWT) contained the pre-installed Gamarue malware. It is a low-profile remote access worm from the 2010s, according to The Register.
The German BSI he says but that it is a malware download program that can reload the malware and run it on the infected system.
In the case of Andromeda / Gamarue, this could be, for example, the banking Trojans Citadel, Rovnix or UrlZone / Bebloh.
Επιπλέον, το Andromeda/Gamarue μπορεί να αποκτήσει πρόσθετες λειτουργίες με τη βοήθεια πρόσθετων. Μεταξύ άλλων, υπάρχει μια προσcase που παρεμποδίζει την πρόσβαση δεδομένων τόσο από λογαριασμούς Email όσο και από προγράμματα FTP και τα προωθεί στους διαχειριστές του κακόβουλου λογισμικού. Όπως αναφέρει το The Register, επηρεάζεται μια παρτίδα 23.000 computers.
These devices have been shipped in the last three to four weeks, although it is not clear how many of them are infected. But the BBC he says that few devices have been infected.
Specifically, the affected devices are the GeoBook 1E, manufactured by the Shenzhen-based Tactus team. It is currently considered that the malware was pre-installed on the devices by the manufacturer.