Recent Ace Magic / Ace Magician PCs Infected with Malware

A fellow tech creator Net Guy Reviews discovered that a few new mini PCs from Ace Magic were infected with malware that among other things can capture keystrokes from the user.

Having reviewed a few Ace Magic PCs in the past, I wanted to make sure the machines I still had in my possession were clean. Most of them were, although. I did find something concerning in a newer model that I haven’t yet reviewed.

Background on this situation and my findings are the subject of my latest video.

Following the Net Guy’s video, a cascade of reports and articles, including a detailed one from Tom’s Hardware, emerged, outlining the severity of the issue. The spyware, identified as Bladabindi and Redline, is particularly nefarious, capable of stealing passwords from browsers and wallets, logging keystrokes, and transmitting data to a command and control server.

I conducted scans using multiple tools including Microsoft’s Malicious Software Removal Tool, Hitman Pro from Sofos, and Microsoft Defender on the three Ace Magic PCs I had in my possession. My AM06Pro and Kamrui Gaming PC both tested clean.

However, the situation was different with a newer model, the AM20, which restricted my access to Windows Defender. One other issue I noted on multiple Ace Magic PCs is that although they have licensed and activated versions of Windows, they only have the user create a local account – it does attempt to connect to a Microsoft online account.

ACE Magic’s response to the crisis has been to assure that the issue has been resolved with their new stock and was limited mostly to the PCs tested by Net Guy Reviews and others.

For the tech-savvy, the solution might be straightforward: wipe the machine clean and install a fresh copy of Windows or a flavor of Linux. But for the average user, this spyware saga is a reminder of the risks inherit with purchasing cheap computers from relatively unknown overseas brands.