IBM Sends Out Malware Ladden Flash Drives
Posted by: Timothy Weaver on 05/02/2017 11:10 AM
[
Comments
]
IBM has made a huge mistake.
The company has shipped an untold number of USB flash drives that are ladden with malware. The USB's were sent off to act as initializers for its Storwize disk racks. The malware does not affect the racks, but does infect the computers that are used to configure the storage arrays.
Kaspersky reported that the malware is a trojan dropper that has the capability to download additional malware as well as ransomware.
“The malicious program copies its executable file to a temporary folder on the user’s computer and modifies the operating system registry, enabling the malware to run automatically after the user logs in to the system,” Kaspersky said. “The malware decrypts itself, performs extraction from its resources section and launches other malicious programs.”
IBM is telling users to "securely destroy the USB flash drive so that it cannot be reused.” To manually remove the malicious file, users can delete the temporary directory named %TMP%\initTool in Windows and /tmp/initTool on Linux and Mac.
Source: Info Security
The company has shipped an untold number of USB flash drives that are ladden with malware. The USB's were sent off to act as initializers for its Storwize disk racks. The malware does not affect the racks, but does infect the computers that are used to configure the storage arrays.Kaspersky reported that the malware is a trojan dropper that has the capability to download additional malware as well as ransomware.
“The malicious program copies its executable file to a temporary folder on the user’s computer and modifies the operating system registry, enabling the malware to run automatically after the user logs in to the system,” Kaspersky said. “The malware decrypts itself, performs extraction from its resources section and launches other malicious programs.”
IBM is telling users to "securely destroy the USB flash drive so that it cannot be reused.” To manually remove the malicious file, users can delete the temporary directory named %TMP%\initTool in Windows and /tmp/initTool on Linux and Mac.
Source: Info Security
Comments
