IBM Warns Customers of Malware-Infected USB Drives
IBM has informed its customers that it has accidentally shipped USB drives infected with malware.
The company issued a support advisory post on Tuesday, May 2, warning that an unspecified number of USB flash drives shipped with the initialization tool for Storwize systems contain malicious code. IBM advised the customers who received the V3500, V3700 and the V5000 Gen 1 systems to destroy the drive in order to prevent the code from replicating further.
"When the initialization tool is launched from the USB flash drive, the tool copies itself to a temporary folder on the hard drive of the desktop or laptop during normal operation," IBM said in its advisory.
The infected drives shipped with the part number 01AC585. IBM also noted that the Storwize systems with serial numbers starting with 78D are not affected.
When the infected flash drive is plugged into a computer and the Storwize initialization tool is launched, the malicious code is copied to a temporary folder on that computer along with the tool. The code appears in a folder named "%TMP%\initTool" on Windows or "/tmp/initTool" on Linux and Mac machines.
According to IBM, the malicious code is copied onto the computer but is not executed during the initialization process. The company also mentioned that it is solely the flash drive that is at risk. The Storwize storage systems themselves and the data stored on those systems are not actually infected.
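A triage check for the folder described above, as an added example that is not part of the original article or IBM's advisory: it looks for an initTool folder in the machine's temporary directories and lists each file with its size and SHA-256, without executing anything, so the copies can be handed to antivirus or incident-response tooling. The folder name comes from the article; checking TEMP and TMPDIR in addition to TMP is an assumption.

```python
import hashlib
import os
import tempfile
from pathlib import Path

FOLDER_NAME = "initTool"  # from the article: %TMP%\initTool or /tmp/initTool


def candidate_dirs(env=None):
    """Return the temp-folder paths where the copied folder could appear."""
    env = os.environ if env is None else env
    # TMP is named in the article; TEMP and TMPDIR are assumed extra locations.
    roots = [Path(env[v]) for v in ("TMP", "TEMP", "TMPDIR") if env.get(v)]
    roots += [Path(tempfile.gettempdir()), Path("/tmp")]
    out = []
    for root in roots:
        path = root / FOLDER_NAME
        if path not in out:
            out.append(path)
    return out


def inventory(folder):
    """List regular files under folder with size and SHA-256 (read-only)."""
    records = []
    for path in sorted(Path(folder).rglob("*")):
        if path.is_symlink() or not path.is_file():
            continue  # never follow links out of the folder
        digest = hashlib.sha256()
        with open(path, "rb") as fh:
            for chunk in iter(lambda: fh.read(65536), b""):
                digest.update(chunk)
        records.append({"path": str(path),
                        "size": path.stat().st_size,
                        "sha256": digest.hexdigest()})
    return records


def scan(env=None):
    """Return {folder: [file records]} for every initTool folder present."""
    return {str(d): inventory(d) for d in candidate_dirs(env) if d.is_dir()}


if __name__ == "__main__":
    found = scan()
    if not found:
        print("No initTool folder found in the temp locations checked.")
    for folder, files in found.items():
        print(f"FOUND {folder} ({len(files)} files)")
        for rec in files:
            print(f"  {rec['sha256']}  {rec['size']:>10}  {rec['path']}")
```

A hit means only that the initialization tool was launched from a drive on that machine; whether the copied files are malicious still has to be confirmed by scanning them.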
Security firm Kaspersky Lab reported that the malicious code found on the drive is related to the malware family of the Reconyc Trojan. This type of malware is capable of intercepting keyboard input, taking screenshots and capturing a list of active applications, among other things. It typically targets computers in Russia and India.
This is not the first time that IBM has distributed infected USB drives. At the AusCERT conference in Australia back in 2010, the company handed out free USB drives that were infected with malware to attendees who visited its booth.