back to article Big mistake by Big Blue: Storwize initialisation USBs had malware

Big Blue is red-faced after shipping malware-infected initialisation USBs for its Storwize disk racks. The company is therefore strongly suggesting users "Securely destroy the USB flash drive so that it can not be reused." Either that or wipe it, disinfect anything it touched and cross your fingers. Then download the files you …

  1. kain preacher

    Wow what a real winner. Yep from now on I'm formatting ever flash drive I get with fire. I mean I could understand if you were but a cheap flash drive off ebay but this is IBM. they can't afford anti virus soft ware or this a case of using the lowest bidder.

    1. This post has been deleted by its author

      1. kain preacher

        I meant virus scanning tools on the computers that write this stuff. If you are to the point were you have to scan your flash drives before they go out you are already fucked.

        1. Brian Miller

          The USB sticks are loaded on a duplicator. But it should be normal procedure to scan the master before it's put into the duplicator. Always scan masters for infection. I have seen it time and time again where this was not done, and oops, guess who's sent something bad to their customers?

          I also knew developers who kept turning off the virus scanner on their systems, instead of configuring it to ignore the source tree directory.

          1. GBE

            And sample/verify the copies

            "The USB sticks are loaded on a duplicator. But it should be normal procedure to scan the master before it's put into the duplicator. "

            Don't forget to randomly sample and verify the copies...

  2. Anonymous Coward
    Linux

    Malicious malware copies itself to /tmp/initTool

    How do you get trojan.win32.reconyc to load and execute from the /tmp directory on Linux or Mac systems?

    1. dbannon

      Re: Malicious malware copies itself to /tmp/initTool

      Now, just guessing. IBM love to send java based GUI tools to do these sort of setups. And java being what it is, they send a full java environment along with it. The malware could be just one more java "binary".

    2. Anonymous Coward
      Anonymous Coward

      Re: Malicious malware copies itself to /tmp/initTool

      Because some were it has a mac linux version.

    3. Steve Knox
      Trollface

      Re: Malicious malware copies itself to /tmp/initTool

      How do you get trojan.win32.reconyc to load and execute from the /tmp directory on Linux or Mac systems?

      Well, first you need to install and configure Wine...

  3. Nolveys
    Happy

    Forward Thinking Company

    IBM's so ahead of the game that those responsible for the fault in security were proactively sacked many months ago. Also, those responsible for sacking the people who were sacked have been sacked. Those that IBM hired to replace the other people who have been sacked wish it to be known that they have just been sacked. The QA has been completed in an entirely different style at great expense and at the last minute in India.

    1. Captain DaFt

      Re: Forward Thinking Company

      If I could give more than one upvote... ☺

      1. fobobob

        Re: Forward Thinking Company

        Don't worry, I took care of it :3

      2. Alistair
        Coat

        Re: Forward Thinking Company

        @ Captain

        The "Moved" folks have helped out on this one.....

        /The one with the recently updated resume in the pocket please....

    2. Glenn Booth

      Re: Forward Thinking Company

      The QA has been completed in an entirely different style at great expense and at the last minute in India.

      By a llama?

      1. Fortycoats

        Re: Forward Thinking Company

        Well obviously it was a llama. I don't think you'll find a møøse in India......

  4. Anonymous Coward
    Anonymous Coward

    They are not the first but at least they went public

    I know of another Tier 1 vendor who supplied malware via USB, only told select customers and only after they signed a NDA.

    1. Anonymous Coward
      Anonymous Coward

      Re: They are not the first but at least they went public

      I've heard of one, too. Only it was a download for an initialisation tool (you had to supply your own USB stick). The download in question was quickly pulled and replaced.

    2. Anonymous Coward
      Anonymous Coward

      Re: They are not the first but at least they went public

      "...only told select customers and only after they signed a NDA."

      You know, unless you signed the NDA as Anonymous Coward, you could perhaps enlighten us all?

      :)

  5. Anonymous Coward
    Anonymous Coward

    Unfortunately, IBM has become a victim of the global supply chain and probably a rouge nation. This is becoming very common and probably worthy of a lot of attention. A few weeks back there was a news alert on how millions of Android - based cell phones had been intercepted within the global supply chain and intentionally infected with malware. In other words the cell phones shipped from their factories virus free and arrived at their carrier's shops pre-loaded with free malware. We have a serious problem within the global supply chain that should scare everyone.

    What the Register should have mentioned is that the virus loaded on IBM's USB keys, once executed, actually calls home to North Korea and has been known since 2012.

    1. hellwig

      (global supply chain)

      It's almost like using cheap labor in unregulated foreign countries is a bad idea.

      As the Snowden leaks show, even foreign entities are not safe from US goods, as the NSA/CIA will intercept shipments and modify equipment as well.

      Trust No One (how do I set this as a signature? I'm using it a lot)

    2. a_yank_lurker

      "Unfortunately, IBM has become a victim of the global supply chain"

      More accurately the were a victim of their greed and incompetence.

      1. Darth.0

        Re: "Unfortunately, IBM has become a victim of the global supply chain"

        Well the big question is, did anyone pick up in North Korea? Probably not. My guess is they were too busy with failed missile launches.

  6. Anonymous Coward
    Anonymous Coward

    "Unfortunately, IBM has become a victim of the global supply chain and probably a rouge nation"

    Well, they've certainly been left red-faced

    1. Palpy
      Coat

      Red-cheeked, anyway.

      Only thing worse than a rouge nation is a lipstick nation. Mine's the one with the swish.

  7. herman Silver badge

    IBM: Infected Business Machines

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like