IBM warns of malware it shipped on flash drives

From CNET: IBM is urging customers to destroy flash drives it shipped to storage system customers because they contain malware.

The company warned in an advisory Tuesday that an unspecified number of USB flash drives shipped with the initialization tool for Storwize systems contain malicious code. IBM instructed customers who received the V3500, V3700 and V5000 Gen 1 systems to destroy the drive to prevent the code from replicating.

"When the initialization tool is launched from the USB flash drive, the tool copies itself to a temporary folder on the hard drive of the desktop or laptop during normal operation," IBM said in its advisory.

The malicious code is part of the Reconyc Trojan malware family, which typically targets computers in Russia and India, according to data from Kaspersky Lab.

IBM said that while the malware is copied onto the victim's device, the malicious code is not executed during initialization.

IBM recommends users who have already inserted the drive into their systems run an antivirus system to remove the malware. Users can also remove the directory containing the identified malicious file.

View: Article @ Source Site