IBM distributed malware accidentally via USB drives

26/04/2017

IBM has notified about a malware detection on some of the USB drives used to store the initialization tool from its storage solutions Storwize. The models affected are V3500 - 2071 02A and 10A, Storwize V3700 - 2072 12C, 24C and 2DC, Storwize V5000 - 2077 12C and 24C and Storwize V5000 - 2078 12C and 24C. According to IBM, the problem would be that when running the Storwize initialization application, a file with malicious code would be automatically copied to a temporary directory on the device where the application was launched, waiting for a user to execute it manually.
IBM has not notified the origin of this problem, although it has published several measures to repair it.

References

26/04/2017

ibm.com

Storwize USB Initialization Tool may contain malicious code
01/05/2017

itnews.com

IBM shipped malware on USB sticks
02/05/2017

motherboard.vice.com

IBM Shipped USB Drives Filled With Malware to Customers
02/05/2017

zdnet.com

IBM warns of malware on USB drives shipped to customers
03/05/2017

xataka.com

El extraño caso de las unidades USB con malware que la misma IBM entregó a sus clientes

Etiquetas

Malware