Security News IBM Ships Trojanized USBs to Storage Customers

frogboy

In memoriam 1961-2018
Thread author
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
IBM has inadvertently shipped off untold numbers of malware-laden USB flash drives to unwitting customers.

Big Blue sent the USBs to act as initializers for its Storwize disk racks. Now, it’s telling users to "securely destroy the USB flash drive so that it cannot be reused,” or wipe it—and to instead download the files needed.

The USBs have the part number 01AC585, and IBM has listed the various models with which it could have shipped. It also said that the laptop or desktop used to configure the storage arrays are the targets, rather than the storage servers themselves.

According to Kaspersky, the malware is a trojan dropper that can be used to fetch an array of secondary malware, including ransomware and espionage worms. In the past, more than a third of its infections has been concentrated in Russia. IBM’s unintentional role as a distribution partner could widen its reach considerably.

“The malicious program copies its executable file to a temporary folder on the user’s computer and modifies the operating system registry, enabling the malware to run automatically after the user logs in to the system,” Kaspersky

said. “The malware decrypts itself, performs extraction from its resources section and launches other malicious .

Full Article. IBM Ships Trojanized USBs to Storage Customers
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top