October 25, 2017 – Brian Krebs, a known and respected journalist that covers cyber, reported that Dell Inc. had lost control of a the web address that is used by the Dell Backup & Recovery service installed on just about every Dell computer produced. There are indications that during a few weeks this past summer, a malicious group took control of the address and may have pushed malware via the service. The suspected time frame was between June and July 2017.
During the period of loss of control, the website address was being directed to a leased server on Amazon that was and currently continues to be known as hosting malicious content.
The software that performs the service comes pre-installed on Windows systems according to the Dell support forums.
If you are using a Dell computer that has the Dell Backup & Recovery service running on it, ensure your malware/anti-virus software is up-to-date, and be wary of any calls or pop-ups on your computer claiming to be Dell tech support, even if they provide you with the correct service tag. If you receive a call or pop-up, call Dell directly.
For Krebs’ full report see https://krebsonsecurity.com/2017/10/dell-lost-control-of-key-customer-support-domain-for-a-month-in-2017/