Dancho Danchev at the Zero Day ZDNet blog reports that Asus has accidentally shipped new desktop PCs with malware on the hard drives:
As Dancho notes, this is not the first time that a mass-market hardware product has been sold with malware pre-installed:
In addition to last month’s Asus fiasco when they accidentally shipped cracking tools and confidential documents on recovery DVDs, the company is among the increasing number of companies that have shipped malware on their products during the last couple of years - Apple (2006), TomTom (2007), Seagate (2007), and HP (2008).
Fortunately, these are still relatively small-volume, isolated incidents, not a mass threat. Web and e-mail are still much easier and more widespread attack vectors for malware distributors.