IBM Inadvertently Ships Infected Storage Devices to Storwize Customers

Big Blue published a warning to its Storwize enterprise customers that they may have accidentally been sent USB installation drives infected with malware. IBM released the mistake last week, and is now warning any customers that may have the infected drives to act quickly.

Companies that ordered the 1st generation Storwize V3500, V3700, and V5000 storage solutions offered by IBM may have been sent the infected USB drive. The malware is located in the initialization directory (InitTool) and when the file is read the malware is copied into a temporary directory onto a local storage device. The malware itself does not run automatically, but if it is launched it will attempt to download further malware, including a trojan horse, infecting the system.

| Source: IBM Support | A view of the infected USB storage device.

| Source: IBM Support | A view of the infected USB storage device.

| Source: IBM Support | A side view of the infected USB storage device.

| Source: IBM Support | A side view of the infected USB storage device.

IBM recommends that customers that have already inserted an infected storage device into their system, remove the device, destroy or cleanse the initialization tool from the device by deleting the InitTool folder and any files located in the folder. IBM also recommends deleting the malicious software from the temporary folders located on the local machine (listed below).

Windows systems: %TMP%\initTool

Linux and Mac systems: /tmp/initTool

IBM has a support note on finding the malicious drives, safeguarding systems, and cleansing all devices of the malicious software here. After the malicious drive and software has been removed an anti-virus program should be used to find any other potential malicious software. The malicious file in question can be detected by the following anti-virus programs listed below.

| Source: IBM Support | A list of anti-virus programs that IBM says will detect and quarentine the malware on its storage device. 

| Source: IBM Support | A list of anti-virus programs that IBM says will detect and quarentine the malware on its storage device. 

Big Blue does deserve credit for notifying any potential customers quickly. This just goes to show how a small error can lead to major security flaw on thousands of systems and potentially put businesses out of business because of data loss or theft.