- The British government has provided students in need with laptops that come pre-loaded with a dangerous worm.
- The DfE believes this is a limited infection that concerns only a small number of devices.
- Users should clean these devices using AV tools in safe boot mode, then double- and triple-check.
The UK Department for Education has distributed 800,000 laptops to students attending classes from home. Unfortunately, at least some of them come pre-loaded with the Gamarue (aka Andromeda) botnet malware.
That’s a pretty nasty self-propagating network worm that can spread to other devices connected to the home WiFi of these students, possibly to their parents’ work laptops, and from there to school and company networks. The nine-year-old worm can install spyware that steals banking details, harvests passwords, and takes screenshots.
The devices were given out for free to support students whose families are in a difficult financial situation, which makes this incident even worse. The Department for Education has stated that it is aware of the issue but assured the public that it only concerns a small number of devices, which it is investigating as an urgent priority and will resolve promptly.
However, no word was given on how the malware managed to creep into the laptops in the first place. Possibly, cost-cutting led to this situation, or it was a supply chain compromise by someone who knew about the final destination of these devices.
If you are among the recipients of these laptops, you are advised to reboot into safe mode and run a full scan using an up-to-date anti-virus product from a reputable vendor. If you’re looking for a good yet free solution for this, BitDefender is a great choice, Avast is another reliable option, Kaspersky Security is strong, Sophos Home is good, and Avira and Panda are also very effective. So, there are choices, and all of them will help you uproot this particular worm, as it’s pretty old and well-documented.
Of course, having to go through this process is a failure on the state’s side. Still, families should see this as an opportunity to learn about security: not trusting whatever device is offered to you, or even bought by you, and performing effective cleanups.
If you’re unsure how to do the above, though, do not risk the safety of your data. Either ask for a professional’s help or return the laptop and ask the distributor to replace it with one that has been thoroughly checked and confirmed to be clean.