USB Flash Drives May Contain Malware, IBM Warns

3May - by Dawood Khan - 0 - In News

IBM has issued a security alert last week, warning customers that some USB flash drives shipped with IBM Storwize products may contain malicious code.

Tesla will unveil its electric semi truck in September Tesla CEO Elon Musk says his company will unveil its electric tractor-trailer truck this September, calling the vehicle “seriously next level” and praising the Tesla team for doing “an amazing job.”He also revealed that Tesla will show off an electric pickup truck in “18 to 2...

The USB flash drive is said to store the Initialization Tool for IBM Storwize, a big data storage system (rack-based disks system) for data centres.

The part number of the infected flash drives is 01AC585. IBM says these USB sticks have been shipped with products such as:

IBM Storwize V3500 - 2071 models 02A and 10A
IBM Storwize V3700 - 2072 models 12C, 24C and 2DC
IBM Storwize V5000 - 2077 models 12C and 24C
IBM Storwize V5000 - 2078 models 12C and 24C

IBM Initialization Tool USB (left); IBM Storwize rack (right)

"Neither the IBM Storwize storage systems nor data stored on these systems are infected by this malicious code," said IBM.

Cheap Ransomware-as-a-Service On Dark Web Forget about developing sophisticated banking trojans and malware to steal money out of people and organizations. Today, one of the easiest ways that can help cyber criminals get paid effortlessly is Ransomware.This threat became even worse after the arrival of ransomware as ...

Furthermore, USB flash drives used for Encryption Key management, which also ships with Storwize equipment, are not affected by this issue.

Malicious code is copied, but not executed

According to IBM, when users run the IBM Storwize Initialization Tool, the malicious code is copied, along with the rest of the Initialization Tool, on the user's device. The location where this data is copied is:

On Windows systems: %TMP%initTool
On Linux and Mac systems: /tmp/initTool

IBM says the malicious code is only copied to user devices, but not executed. The company didn't provide details about the nature of this malicious code, or how it got on its USB flash drives, but based on current detections on antivirus engines, this appears to be a basic malware downloader.

IBM recommends formatting USB sticks

The company recommends that Storwize customers scan their system for the aforementioned folders and remove the directories.

Once the malicious code has been removed from infected devices, IBM recommends that users format their USB flash drive, download a safe copy of the Storwize Initialization Tool, and unzip its content on the original USB flash drive.

Microsoft Has Already Patched Exploits Leaked By Shadow Brokers The latest dump of hacking tools allegedly belonged to the NSA is believed to be the most damaging release by the Shadow Brokers till the date.But after analyzing the disclosed exploits, Microsoft security team says most of the windows vulnerabilities exploited by these hacki...

Leave a Reply

Your email address will not be published. Required fields are marked *