http://news.techworld.com/security/3224283/ibm-red-faced-after-handing-out-usb-drives-stuffed-with-malware/ By Maxwell Cooter Techworld 21 May 10 You might get more than you bargained for if you attend a security conference. IBM shocked delegates at the Australian AusCERT conference in Queensland by handing out USB sticks infected with malware. The company was forced to write to delegates apologising for its error. "At the AusCERT conference this week, you may have collected a complimentary USB key from the IBM booth. Unfortunately we have discovered that some of these USB keys contained malware and we suspect that all USB keys may be affected." It was actually worse than IBM intimated. To make it doubly embarrassing, according to security company Sophos, the company included two examples of malware: W32/LibHack-A. and W32/Agent-FWF. Sophos's senior technology consultant, Graham Cluley had a guess how the error occurred. "My guess is that they didn't check the USB sticks before handing them out. Maybe they out-sourced the creation of the USB content to a third party, and they weren't careful enough. After all, if an infected PC was used to create the "image" of the USB drive then it would have been easy for that disk image to be infected and copied onto every USB stick they handed out." [...] _______________________________________________ Best Selling Security Books and More! Shop InfoSec News http://www.shopinfosecnews.org/Received on Sun May 23 2010 - 22:26:30 PDT
This archive was generated by hypermail 2.2.0 : Sun May 23 2010 - 22:32:00 PDT