The website of Computrace shouts at you: “Recover Stolen Laptops, Smartphones and Tablets with Absolute LoJack.” That’s good news, you might think: a program that (theoretically at least) can be used to locate a stolen laptop.
But all is not well, because the program is pre-installed in the BIOS of millions of laptops, without you knowing about it. According to the manufacturer, the Computrace software is disabled in your BIOS when you buy your computer and is enabled only when you pay and sign up for the Computrace services, after which another program, the Persistence Module, is installed.
Computrace can be considered malware because it details what your machine is running, what software is installed, and what IP information is allocated to your machine at the time it reports to Absolute’s network.
The biggest problem, some security analysts say, is that a malicious hacker can manipulate and control the call-home process. That’s because the technology uses a configuration method that contains the IP address, port and URL, all hard-coded in the Option-ROM. At first run, the configuration method is copied to many places, including the registry and hard-disk inter-partition space. It is very easy to modify the configuration so that the IP and URL point to a malicious site, from which unauthenticated payloads, such as RATs, can be directed to your laptop.
Because the malware is white-listed by antivirus software, the malicious modifications will go unnoticed.
How do you know if your computer is ‘infected’ with Computrace? Simply download and run PhrozenSoft Computrace Detector v1.0.