On a stick

May 21, 2010 14:47 GMT

IBM has warned AusCERT participants that many, if not all, of the USB memory sticks distributed for free at its presentation booth during the conference carried malware. The infected file was set to be executed via Autorun when a device was plugged into a Windows computer, and it installed a keylogger component.

The 2010 edition of the AusCERT Asia Pacific Information Security Conference took place between 16th and 21st May on the Australian Gold Coast. Aside from attending this year's talks and presentations, participants had the opportunity to visit the exhibition stands of many companies selling security products. IBM, one of the conference's main sponsors.

Today, the conference organizers sent out an email to all attendees informing them that IBM, one of the event's main sponsors, handed out infected memory sticks from its booth. "At the AusCERT conference this week, you may have collected a complimentary USB key from the IBM booth. Unfortunately we have discovered that some of these USB keys contained malware and we suspect that all USB keys may be affected," part of the message read.

The email also notes that the malware in question dates back to 2008 and is detected by most antivirus products. While this is good news for the unlucky people who got their hands on these memory sticks, it makes things look even worse for IBM. Had this been a new malware strain with a poor AV detection rate, the company might have had an excuse.

"This must rank as one of the most embarrassing things a security company can do at a security conference," Graham Cluley, senior technology consultant at Sophos, commented. "Any company handing out USB sticks to the public should take the appropriate steps to ensure that they are squeaky clean, and not secretly infected with malware. That advice should be driven home even more loudly if you're at a security show like AusCERT," he concluded.

The moral of this story is obvious: always have an antivirus installed on your computer, as the next threat can come from even the most unlikely of places, such as a stand at a security conference. It is also worth pointing out again that disabling the frequently abused Windows Autorun feature can be a wise choice. People interested in blocking this attack vector can do so with Panda Security's free USB Vaccine tool.
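
The check Cluley calls for before handing out sticks can be partly automated by listing every program an `autorun.inf` file would ask Windows to launch. The following is an added example, not part of the original article; the sample file and the names in it (`setup.exe`, `drive.ico`) are constructed, and the function names are hypothetical.

```python
import os
import tempfile

# Keys in the [autorun] section that make Windows launch a program.
EXEC_KEYS = ("open", "shellexecute")

def autorun_commands(text):
    """Return (key, command) pairs an autorun.inf would ask Windows to run."""
    findings, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):      # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "autorun" or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        key = key.lower()                          # keys are case-insensitive
        # shell\<verb>\command adds a context-menu verb that runs a program
        is_verb = key.startswith("shell\\") and key.endswith("\\command")
        if (key in EXEC_KEYS or is_verb) and value:
            findings.append((key, value))
    return findings

def audit_drive(root):
    """Find autorun.inf (any letter case) in a drive root and list its commands."""
    for name in os.listdir(root):
        if name.lower() == "autorun.inf":
            with open(os.path.join(root, name), encoding="latin-1") as fh:
                return autorun_commands(fh.read())
    return []

# Constructed sample, not the file found on the sticks in this story.
SAMPLE = """; constructed example
[AutoRun]
OPEN=setup.exe
icon=drive.ico
shell\\open\\command = setup.exe /s
[Content]
open=ignored.exe
"""

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as stick:   # stands in for a mounted stick
        with open(os.path.join(stick, "AUTORUN.INF"), "w") as fh:
            fh.write(SAMPLE)
        for key, cmd in audit_drive(stick):
            print(f"auto-launch directive: {key} -> {cmd}")
```

A promotional stick that only carries documents has no reason to contain any of these directives, so a non-empty result is grounds to hold the batch and scan the referenced files.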