It is not unusual to receive a freebie USB stick when you attend a conference, but the ones IBM was handing out at a security event in Australia last week had a little extra surprise in store for the attendees.
The complementary sticks passed out at the AusCERT show were riddled with malware two separate worms to be exact and the company was forced to send out emails to the recipients warning them and asking them to return the sticks to IBM's Australian headquarters as soon as possible.
The email said: "At the AusCERT conference this week, you may have collected a complimentary [sic] USB key from the IBM booth. Unfortunately we have discovered that some of these USB keys contained malware and we suspect that all USB keys may be affected."
After examining the sticks, analysts at security firm Sophos confirmed the devices were infected with two worms. The first infection was a W32/LibHack-A an infected setup file which gets into the machine when executed and the second was a W32/Agent-FWF a Windows worm capable of logging keystrokes.
"You should exercise care if you plug the device into your computer, since it is an autorun worm - which means it will launch when inserted into a computer if autorun/autoplay is enabled," wrote Graham Cluley, senior technology correspondent at Sophos, on his blog.
"I imagine that the security professionals at IBM will have their head in their hands about this breach, because it wasn't even as though this malware was previously unknown. Sophos has been detecting W32/Agent-FWF, for instance, since June 2007!"
IBM is not the first company guilty of spreading malware in this way.
Cluley claimed that while he was at the RSA conference in San Francisco earlier this year, one of the staff was putting presentations onto attendee's laptops via an infected USB stick.
"She wasn't a security professional, but she was working for a security company - and when she asked me to look at her Windows computer I found she had no anti-virus software installed," he added.
USBs are becoming an increasingly popular way of spreading malicious software. McAfee's latest threat report released earlier this month showed it was the most popular way of getting worms onto systems, despite living in an internet age.
Greg Day, director of security strategy for McAfee, in Europe, the Middle East and Africa (EMEA) told IT PRO: "Go back 20 years and malware used USBs to spread but we have been living in an age of internet and networking malware."
He added: "The report has [shown that] this old technique, that was long forgotten, has come back."
IBM and Sophos both advise users to delete the setup.exe and autorun.inf files and ensure their antivirus software is up to date.
-
96% of SMBs are missing critical cybersecurity skills – here's whyNews The skills shortage hits SMBs worse as they often suffer from a lack of budget and resources
-
Rising data breach costs show no signs of slowing down, says IBMNews Data breach costs continued to rise, according to IBM, and they’re taking longer to recover from
-
Sophos Firewall Virtual review: Affordable network protection for those that like it virtualizedReviews Extreme network security that's cheaper than a hardware appliance and just as easy to deploy
-
MSPs are struggling with cyber security skills shortagesNews A shortage of tools and difficulties keeping pace with solutions were also ranked as key issues for MSPs
-
Nearly 70 software vendors sign up to CISA’s cyber resilience programNews Major software manufacturers pledge to a voluntary framework aimed at boosting cyber resilience of customers across the US
-
Sophos and Tenable team up to launch new managed risk serviceNews The new fully managed service aims to help organizations manage and protect external attack surfaces
-
Ransomware groups are using media coverage to coerce victims into payingNews Threat actors are starting to see the benefits of a more sophisticated media strategy for extracting ransoms
-
IBM: Data governance for data-driven organizationswhitepaper Master your data management
