China-Made Handheld Barcode Scanners Ship with Spyware

Some Chinese-manufactured shipping-barcode handheld scanners — of the type used by many United States retailers and warehouses, as well as delivery services such as UPS and FedEx — were found to have sophisticated spyware preloaded on them, according to San Mateo, California-based security company TrapX. Dubbed “Zombie Zero,” the information-stealing malware is likely part of a state-sponsored industrial-espionage campaign.

The malicious software is located in the scanners’ Windows XP Embedded operating systems, according to TrapX’s report. When the handheld scanners connect to a company’s Wi-Fi network, the Zombie Zero malware activates, hacking into company servers and stealing information, from shipping manifests to corporate secrets. All the information goes to servers in China.

author: Jill Scharr