[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] IBM red-faced after handing out USB drives stuffed with
From: InfoSec News <alerts () infosecnews ! org>
Date: 2010-05-24 5:26:30
Message-ID: Pine.LNX.4.61.1005240026210.27307 () conundrum ! infosecnews ! org
[Download RAW message or body]
http://news.techworld.com/security/3224283/ibm-red-faced-after-handing-out-usb-drives-stuffed-with-malware/
By Maxwell Cooter
Techworld
21 May 10
You might get more than you bargained for if you attend a security
conference. IBM shocked delegates at the Australian AusCERT conference
in Queensland by handing out USB sticks infected with malware.
The company was forced to write to delegates apologising for its error.
"At the AusCERT conference this week, you may have collected a
complimentary USB key from the IBM booth. Unfortunately we have
discovered that some of these USB keys contained malware and we suspect
that all USB keys may be affected."
It was actually worse than IBM intimated. To make it doubly
embarrassing, according to security company Sophos, the company included
two examples of malware: W32/LibHack-A. and W32/Agent-FWF.
Sophos's senior technology consultant, Graham Cluley had a guess how the
error occurred. "My guess is that they didn't check the USB sticks
before handing them out. Maybe they out-sourced the creation of the USB
content to a third party, and they weren't careful enough. After all, if
an infected PC was used to create the "image" of the USB drive then it
would have been easy for that disk image to be infected and copied onto
every USB stick they handed out."
[...]
_______________________________________________
Best Selling Security Books and More!
Shop InfoSec News
http://www.shopinfosecnews.org/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic