News Mini PC maker ships systems with factory-installed spyware -- AceMagic says issue was contained to the 'first shipment

[Admin]

Different user reports claim that the AceMagic AD08, AD15, and S1 mini-PCs contain malware from the Bladabindi and Redline families.

Mini PC maker ships systems with factory-installed spyware -- AceMagic says issue was contained to the 'first shipment : Read more

 

[ThomasKinsley]

This is what I was afraid of. As soon as I heard that these little mini-PCs used a custom Windows image with a special BIOS, I thought something might be wrong. They're really, really cheap, but that might be because they're banking (ha) on the keyloggers.

 

[USAFRet]

Way to tank your brand.

No matter what you do in the future, that is on the permanent Do Not Buy list.

 

[pug_s]

I would buy it. Just wipe the drive and do a clean install. I've brought 2 of these pc's recently and I did that.

 

[USAFRet]

I would buy it. Just wipe the drive and do a clean install. I've brought 2 of these pc's recently and I did that.

Why reward incompetence?

The only thing they need is bankruptcy and unemployment.

 

[thestryker]

These devices are cheap enough that something along these lines was basically guaranteed to happen. I've never bought a minipc with storage, and if I did the first thing that would happen is it gets wiped.

 

[qwertymac93]

For all we know they just moved the malware to the firmware/UEFI so it's even harder to wipe away. Fool me once, shame on you; fool me twice...

 

[wbfox]

Also would be interested to know how and who put on the malware. And as mentioned, there is always the uefi and firmware and Intel ME, etc.... And then of course there are all the other brands of mini pcs.....

 

[USAFRet]

Also would be interested to know how and who put on the malware. And as mentioned, there is always the uefi and firmware and Intel ME, etc.... And then of course there are all the other brands of mini pcs.....

Apparently, they outsourced the creation and loading of the Windows images.

 

[drivinfast247]

Way to tank your brand.

No matter what you do in the future, that is on the permanent Do Not Buy list.

There goes the prestigious AceMagic brand!

 

[das_stig]

Bigger question, why are Amazon not pulling all their products, as they are assisting in distribution of known compromised hardware ? Ah forgot the almighty profit margin overrules everything !

 

[Notton]

I have a kamrui CK10 from about 4 months ago.
I am not seeing any malware/spyware on it, even after a full scan.
I don't see those exe files in OsVer folder, and they are not hidden either.
No problems with OS activation.

But I do notice that other models sometimes get the OS activation issue.

 

[Amdlova]

That cheap chinese stuff doesn't comes free...

 

[MJS WARLORD]

Spyware/malware hidden in firmware reminds me of something that happening a few years ago in Australia.
At a conference some business guys were swapping stories about dishonest employees who they thought were milking company funds because even though some of them set traps they never caught anybody.

One guy said to stop employees stealing money he kept some vital financial files on flash drives but he was still getting his accounts hit. A tech guy examined the flash drive and it turned out that their was hidden nasties that were on the firmware and it was " phoning home " every time he went online. The drive was made by a small tech company in Australia and when the story hit the media it turned out that loads of businesses admitted using the same drive .... at least they found out how their money was disappearing .

 

[DavidC1]

The drive was made by a small tech company in Australia and when the story hit the media it turned out that loads of businesses admitted using the same drive .... at least they found out how their money was disappearing .

Australia! So it's not just China doing it, and it's no surprise since they are part of the Five Eyes as revealed by Snowden.

 

[LaDonnola]

I would buy it. Just wipe the drive and do a clean install. I've brought 2 of these pc's recently and I did that.

Did you run into any issues with the drivers? The Net Guy mentioned in his video about the spyware that the pc "fought him the whole way" when he was reinstalling windows. I just bought the AMR5 and I plan to wipe it myself.

 

[ShaggyDawg3613]

I would buy it. Just wipe the drive and do a clean install. I've brought 2 of these pc's recently and I did that.

They'll be more careful next time and bury their spyware in the UEFI instead of hard disk/partition. I would avoid their brand forever.

 

[The E]

Confirmed on one I just received 30 minutes ago. They are now on my Do Not Buy list. Remember that the exact same box is sold under different brand names owned by the parent company.

For those just going to reinstall, beware that the malware may be in the archive Win install directory and if so, you'll need to do an absolute clean, from external media install. And not external media you created from the box itself. Glad I was only going to be using this as a text box. I'll never trust it with anything important.

 

[pug_s]

Did you run into any issues with the drivers? The Net Guy mentioned in his video about the spyware that the pc "fought him the whole way" when he was reinstalling windows. I just bought the AMR5 and I plan to wipe it myself.

One PC I got is a Firebat AK2 Pro with the Intel N95 CPU. Another one was a Minisforum mini pc with an Ryzen 4800H CPU. Both done with a Windows 11 usb install and wiping out the internal storage. Though one of the minipc I had to temporily install with an usb ethernet dongle because it doesn't have the nic drivers in the install.

 

[dhjackal]

DO NOT BUY

I had the misfortune to buy a ACEMAGICIAN Mini Gaming PC AMD Ryzen 7 5700U from Amazon on 31st January 2024. It was sitting on my home network for over a week before I really started to tinker with it in anger and earnest. Immediately I started to notice things weren't right. Google Chrome installed and I couldn't remember installing it.....and I hadn't....brower playing up.....upsearching.....machine running slow etc etc so I did a full re-install of the OS !!!WARNING - BUT - WARNING!!! from the supplied OEM and what do you know Goolge Chrome (and the malware, spyware and browser hijacking) virus, trojans, hackadoodle dandies got reinstalled too. I too had to fight the malware to reinstall the OS and anti virus software before I eventually took the machine offline, wiped it clean and returned it to Amazon for a refund. I tried to get some support from Amazon but they were worse than useless. There is no support number for the UK on the companies website and the US branch of the company (when I eventually got through) advised me to contact UK support. Back to square one.

DO NOT BUY.

If you do make sure to wipe the OS and do a fresh install from a reputable and trusted source. Also be careful what you take as advice on YouTube.......some people.....CareyHolzman don't know what they are talking about and should apologie to the writer of this article "It's not dangerous....it's just spying on you...." - what a joke!!!!

 

[The TrippyHippie]

Well thank goodness It was only the first shipment......
But
how many went out in the first shipment?
how long had the first shipment been out in the wild before this issue was discovered?
how many unaware people who recived the first shipment used there bank details and other important private info with the infected systems?
what have you put in place to mitigate any pending lossess that may incur for those who may suffer ID and finaical damage due to using the infected product?

 

[Order 66]

I feel like there will be a class action lawsuit at some point over this. Installing spyware onto to systems sold to customers can't possibly be legal, can it? hopefully said lawsuit will provide compensation for damages to finances and identity caused by the spyware.

 

[The TrippyHippie]

They'll be more careful next time and bury their spyware in the UEFI instead of hard disk/partition. I would avoid their brand forever.

how would you know if that hasnt already been done to first shipment? or other products that could leak sensitive data? unless someone can analyze the current installed Bios\Firmware in this day and age I wouldn't be surpised if loads of small or cheap computer/mobile devices have these types of issues but just not been pick up on, not saying they have but wouldn't be suprised.

 

[dhjackal]

Well thank goodness It was only the first shipment......
But
how many went out in the first shipment?
how long had the first shipment been out in the wild before this issue was discovered?
how many unaware people who recived the first shipment used there bank details and other important private info with the infected systems?
what have you put in place to mitigate any pending lossess that may incur for those who may suffer ID and finaical damage due to using the infected product?

The first shipment? Worldwide? The US appear to have had problems with Bing (no surprise there) and my experience was with Google Chrome. Why are Amazon STILL selling these PC's? No statement from them. No warning to purchases of units in the "first shipment"......where is the after sales support and assistance to worried customers?

 

[dhjackal]

!!! WARNING !!!
I have video recorded some of my experience. The support guy at the US end said "best to change all your passwords"? ALL my passwords? I have literally hundreds. Plus I had to buy full versions of trusted anti virus software to secure my home network and make sure nothing had infected the other machines I have.

I have offered to help their support team and share my experience with them but they were'nt interested. I'm going to try again. Maybe I'll get someone who cares.