The issue affects flash drives sent with a few models

May 2, 2017 19:41 GMT

IBM has issued a security warning for users of some of its USB flash drives, which may ship with malicious code already on them.

The problem, it seems, is related to flash drives shipped with IBM Storwize products. According to the company, they store the Initialization Tool for IBM Storwize, which is a big data storage system for data centers.

IBM states that the part number of the infected flash drives is 01AC585 and they have been shipped with a number of products such as the IBM Storwize V3500 - 2071 models 02A and 10A, IBM Storwize V3700 - 2072 models 12C, 24C and 2DC, IBM Storwize V5000 - 2077 models 12C and 24C, as well as IBM Storwize V5000 - 2078 models 12C and 24C.

"IBM has identified a malicious file distributed on USB flash drives used in the initialization tool for IBM Storwize V3500, V3700 and V5000 Gen 1 systems. When the initialization tool is launched from the USB flash drive, the tool copies itself to a temporary folder on the hard drive of the desktop or laptop during normal operation," the company said.

The malicious file is then copied with the initialization tool to a temporary folder (%TMP%\initTool for Windows and /tmp/initTool for Linux).

What can you do?

IBM advises users to check whether their antivirus software has already removed the infected file or the directory containing the malicious file.

The company points out that Windows users should make sure the entire directory is deleted, not moved to the Recycle Bin.

IBM further advises people either to destroy the USB flash drive so it cannot be reused, or to repair it by permanently deleting the folder called InitTool on the flash drive and then downloading a fresh copy of the initialization tool package from FixCentral.
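The check described above can be scripted for a fleet of admin workstations. The following is an added example, not IBM's tooling: it looks for the initTool directory under the temporary locations named in the article and for the InitTool folder on a mounted drive, lists the SHA-256 of each file for comparison with what the antivirus flagged, and can delete the tree directly. The function names and the `--purge` switch are assumptions made for this sketch.

```python
import hashlib
import os
import shutil
import sys
from pathlib import Path


def default_tmp_roots():
    """Temp locations the article names: %TMP% on Windows, /tmp on Linux."""
    return [r for r in (os.environ.get("TMP"), "/tmp") if r]


def find_copies(tmp_roots, usb_root=None):
    """Return existing initTool/InitTool directories under the given roots."""
    roots = list(tmp_roots) + ([usb_root] if usb_root else [])
    found = []
    for root in dict.fromkeys(Path(r) for r in roots):  # de-duplicate, keep order
        if not root.is_dir():
            continue
        for entry in root.iterdir():
            # Case-insensitive match; symlinks are skipped so a later delete
            # can never be redirected to another directory.
            if (entry.name.lower() == "inittool" and entry.is_dir()
                    and not entry.is_symlink()):
                found.append(entry)
    return found


def inventory(directory):
    """Map relative file path -> SHA-256, to compare with what the AV flagged."""
    return {p.relative_to(directory).as_posix():
            hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(directory.rglob("*")) if p.is_file()}


def purge(directory):
    """Delete the whole tree in place; shutil.rmtree bypasses the Recycle Bin."""
    shutil.rmtree(directory)
    return not directory.exists()


if __name__ == "__main__":
    # Usage: script.py [USB_MOUNT_POINT] [--purge]
    args = [a for a in sys.argv[1:] if a != "--purge"]
    for d in find_copies(default_tmp_roots(), args[0] if args else None):
        print(d)
        for name, digest in inventory(d).items():
            print(f"  {digest}  {name}")
        if "--purge" in sys.argv:
            print("  removed" if purge(d) else "  still present")
```

Run it without `--purge` first and keep the hash listing with the incident record before deleting anything.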

The malicious code present on the infected drives is only copied to user devices, but not executed. There is no additional detail regarding this malware in the IBM advisory, nor is there information about how it got on the flash drives in the first place.