IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

IBM hands out malware laden USBs

IBM has been handing out more than USB sticks at a conference in Australia this week and the security experts weren’t happy with what they got.

USB worm

It is not unusual to receive a freebie USB stick when you attend a conference, but the ones IBM was handing out at a security event in Australia last week had a little extra surprise in store for the attendees.

The complementary sticks passed out at the AusCERT show were riddled with malware two separate worms to be exact and the company was forced to send out emails to the recipients warning them and asking them to return the sticks to IBM's Australian headquarters as soon as possible.

The email said: "At the AusCERT conference this week, you may have collected a complimentary [sic] USB key from the IBM booth. Unfortunately we have discovered that some of these USB keys contained malware and we suspect that all USB keys may be affected."

After examining the sticks, analysts at security firm Sophos confirmed the devices were infected with two worms. The first infection was a W32/LibHack-A an infected setup file which gets into the machine when executed and the second was a W32/Agent-FWF a Windows worm capable of logging keystrokes.

"You should exercise care if you plug the device into your computer, since it is an autorun worm - which means it will launch when inserted into a computer if autorun/autoplay is enabled," wrote Graham Cluley, senior technology correspondent at Sophos, on his blog.

"I imagine that the security professionals at IBM will have their head in their hands about this breach, because it wasn't even as though this malware was previously unknown. Sophos has been detecting W32/Agent-FWF, for instance, since June 2007!"

IBM is not the first company guilty of spreading malware in this way.

Cluley claimed that while he was at the RSA conference in San Francisco earlier this year, one of the staff was putting presentations onto attendee's laptops via an infected USB stick.

"She wasn't a security professional, but she was working for a security company - and when she asked me to look at her Windows computer I found she had no anti-virus software installed," he added.

USBs are becoming an increasingly popular way of spreading malicious software. McAfee's latest threat report released earlier this month showed it was the most popular way of getting worms onto systems, despite living in an internet age.

Greg Day, director of security strategy for McAfee, in Europe, the Middle East and Africa (EMEA) told IT PRO: "Go back 20 years and malware used USBs to spread but we have been living in an age of internet and networking malware."

He added: "The report has [shown that] this old technique, that was long forgotten, has come back."

IBM and Sophos both advise users to delete the setup.exe and autorun.inf files and ensure their antivirus software is up to date.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

IT Pro News In Review: UK 4 day week, ransomware payment rise, IBM cut ties with Russia
Business operations

IT Pro News In Review: UK 4 day week, ransomware payment rise, IBM cut ties with Russia

10 Jun 2022
IBM bolsters cyber security offerings with Randori acquisition
mergers and acquisitions

IBM bolsters cyber security offerings with Randori acquisition

7 Jun 2022
IBM's new z16 mainframe brings two industry-firsts and quantum-proof data encryption
Hardware

IBM's new z16 mainframe brings two industry-firsts and quantum-proof data encryption

5 Apr 2022
Software-defined storage for dummies
Whitepaper

Software-defined storage for dummies

1 Apr 2022

Most Popular

Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022
Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
Electrical explosion reported at Google's Iowa data centre
data centres

Electrical explosion reported at Google's Iowa data centre

9 Aug 2022