Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
IBM IT Technology

IBM Admits It Sent Malware-infected USB Sticks To Customers (techrepublic.com) 50

IBM accidentally shipped USB drives infected with malware to some customers, the company noted in a support advisory post. The drives contained an initialization tool for some of its Storwize systems, the post stated. From a report: IBM customers who received a USB flash drive with the part number 01AC585 should either destroy the drive so that it cannot be reused, the post said, or follow the steps listed in the post to repair the drive. Affected drives were shipped with the following Storwize systems: IBM Storwize V3500 - 2071 models 02A and 10A, IBM Storwize V3700 - 2072 models 12C, 24C, and 2DC, IBM Storwize V5000 - 2077 models 12C and 24C, IBM Storwize V5000 - 2078 models 12C and 24C.
This discussion has been archived. No new comments can be posted.

IBM Admits It Sent Malware-infected USB Sticks To Customers

Comments Filter:
  • Storwize? (Score:5, Funny)

    by Viol8 ( 599362 ) on Wednesday May 03, 2017 @11:26AM (#54348805) Homepage

    Is it just me or does that sound like a malware name anyway?

    • Re: (Score:2, Funny)

      by Anonymous Coward

      Is it just me or does that sound like a malware name anyway?

      Big jar of yellow liquid...

  • by __aaclcg7560 ( 824291 ) on Wednesday May 03, 2017 @11:28AM (#54348819)

    If you need help, call 1-800-IBM-HELP.

    Note: You must be 21 years old or older to use phone number.

  • Sure... (Score:5, Funny)

    by Moheeheeko ( 1682914 ) on Wednesday May 03, 2017 @11:48AM (#54348971)
    "accidentally"

    the only accident here is they got caught

    • by dougmc ( 70836 )

      You're suggesting that they did this intentionally?

      Certainly not. IBM may be "big evil corporate company" ... but they're not *that* stupid. That said ... they can make mistakes.

    • In an attempt to escape internal firewalls Watson deploys malware infected USB drives to IBM clients.
  • Finally !!! (Score:4, Funny)

    by martiniturbide ( 1203660 ) on Wednesday May 03, 2017 @12:24PM (#54349217) Homepage Journal
    IBM is back on the news.
  • by CustomSolvers2 ( 4118921 ) on Wednesday May 03, 2017 @12:27PM (#54349227) Homepage
    I am all for honesty and companies recognising their mistakes. I also consider myself very honest and good-faith-driven, but don't know if I would have been able to recognise a "mistake" like this.

    1. Food company saying that some drinks might be poisonous. Error.
    2. Food company saying that some drinks might contain ebola. Error + many questions.
    3. Food company saying that some drinks might contain a rare disease which they have created in-house. Seriously?
    • 3. Food company saying that some drinks might contain a rare disease which they have created in-house. Seriously?

      Are you suggesting that IBM created the Reconyc Trojan that's been circulating in the wild for half a decade? Or are you just demonstrating that you didn't bother reading the article before making blatantly false accusations?

      • Are you suggesting that IBM created the Reconyc Trojan that's been circulating in the wild for half a decade? Or are you just demonstrating that you didn't bother reading the article before making blatantly false accusations?

        I am clearly not. This was a funny (at least, this was my intention; some people here have a quite different than me sense of humour) way to illustrate the differences between having an innocent error, having an error with high negligence and having an error with much more than high negligence (why were they dealing with malware in the products to be sold?). Hopefully, now everything is quite clear.

        • >why were they dealing with malware in the products to be sold?

          Probably the same reason anyone else deals with it anywhere - they got infected without noticing it right away. And then they created an image to be distributed on new drives (since it seems that pre-installed junkware has become a requirement on flash drives these days) and started production and shipping without first performing a thorough malware scan of the image.

          A depressingly common scenario, but not terribly unexpected considering tha

          • I have never worked on a manufacturing environment, but my impression is that random workers freely using the products to be sold is an unlikely scenario. The only logical way for the infection would be via corporate software, from IBM or from a contractor. I also assume that the software is being treated very carefully as far as it is used in many machines and even the slightest problem might become too relevant. Additionally, the whole process is likely to be closely controlled/tracked and all the people/
            • by Anonymous Coward

              Brave my ass. They were called out.
              This isn't even the first time. They handed out infected USB drives at a damn security convention in 2013.

              • Brave my ass. They were called out.

                This sounds much more like the typical behaviour of a company. I didn't read the article. IBM voluntarily recognising something like that sounded too weird, but what can I say? In case of doubt, I prefer to think that someone might have acted with good faith.

            • I didn't mean to suggest that the end products were individually infected - rather that the person creating the image that would be copied onto all the end products was infected, and proceeded to accidentally infect the "master copy". Or alternately, the master copy might have been infected at any point between the original creation and final deployment.

              I agree it seems considerably worse than standard negligence - nobody much cares if your desktop gets infected, just a nuisance for the IT department to cl

              • No expense other than a temporary ding on their reputation

                For a company like IBM, mainly nowadays, reputation is a lot, almost everything. In fact, knowing that the company was IBM had a notable contribution to my initial surprise.

      • PS: your nick, the grumpy part, is descriptive of your personality, right? Would you mind to avoid dealing with me, misinterpret my actions and randomly getting angry with anything I do or say as being related to you at all? There are lots of people here and I am sure that many of them would enjoy all what you deliver, but I don't think that I do. Become my foe if that makes you happy (yesterday, I got my first one!).
    • If you ever eat food sold by a company, you should probably become aware of the existence of recalls and what the dangers of eating recalled food might be.

      • What you say is evident and there is nothing in my post saying otherwise. I was plainly highlighting what I considered beyond gross negligence and the fact that I found kind of curious that a company was openly recognising it. No critic, no attack, no complain, no doubts on any front; just a mere humorous and in-principle-easier-for-everyone-to-understand observation, which has been proven as more confusing and misunderstanding-prone than what I was expecting.
  • by Joe_Dragon ( 2206452 ) on Wednesday May 03, 2017 @12:31PM (#54349245)

    3rd party factory in china likely had the image loading system that had an malware infection on it.

  • Big deal (Score:5, Funny)

    by 110010001000 ( 697113 ) on Wednesday May 03, 2017 @12:31PM (#54349247) Homepage Journal
    Big deal, Microsoft has been shipping malware for decades.
    • by Anonymous Coward

      At least this wasn't at a security conference, like the last time IBM pawned off malware thumb drives:
      https://www.forbes.com/sites/firewall/2010/05/21/ibm-distributes-malware-infected-usb-sticks-at-security-conference/#5ba3ec78250d

      Seriously though, they need to get their vendors looked at or simply distribute online only.

  • by Anonymous Coward

    I suggest carrying that USB when traveling.
    When TSA agents hassle you to surrender your data, give them this USB and insist that the look into what's inside.

    • by Z80a ( 971949 )

      If you insist to em to look, they will not because they will suspect.
      Now if you insist to NOT look, like "it's just family pictures" etc.. then they will freaking look it.

Competence, like truth, beauty, and contact lenses, is in the eye of the beholder. -- Dr. Laurence J. Peter

Working...