For some time now, mini PCs have been a perfect device for both work and leisure, especially when connected to a television. The market offers a large number of devices with all kinds of functionality from many manufacturers, most of them Chinese, and they can be bought on both Amazon and AliExpress.
Some also come with Windows 11 preinstalled, which is a plus when buying one, since no additional payment is needed to use it with Microsoft's operating system. However, this in turn poses a problem, because the preinstalled system may contain any kind of malware.
YouTuber The Net Guy Reviews posted a video a few days ago in which he stated that the AceMagic AD08 mini PC with preinstalled Windows 11, which he had received a few days earlier for review, included spyware that Microsoft Defender detected in the recovery copy of the operating system. At first you might think this is a striking title meant to attract views. However, the same problem has also been found in other models from the same manufacturer that other users have purchased, so this is not an isolated case.
The malware found on these devices belongs to the Bladabindi and Redline families. Both are classified as malware by Microsoft Defender, VirusTotal and most antivirus products on the market, and the malware is located in the ENDEV and EDIDEV files on the recovery partition.
This type of malware is designed to steal passwords stored in web browsers, including cryptocurrency wallets. It also includes a keystroke logger and sends the captured information off the computer. Other models were infected with other variants of the same Trojan, which opened a back door in the operating system so that data could be stolen on demand.
Additionally, some of these models included a modified version of Windows 11 without a genuine Windows 11 license; the system had been modified so that the periodic scans carried out by Microsoft's antivirus would not detect these files. According to the manufacturer, which contacted the YouTuber who discovered this case, it detected the problem and withdrew all the affected devices it had put on the market, without giving further explanation of the reasons.
It also did not contact buyers who purchased units infected with this malware, which arguably says very little in its favor about its commitment to customers, provided this is not a common practice that it has been using for a long time. What is clear is that, if we are considering buying a mini PC with Windows 11 and we cannot be sure whether the machine includes a non-native Windows application, such as Chrome, we must format the disk and reinstall Windows from scratch, as this is the only way to eliminate any viruses included in the system.