IBM Storwize: IBM has released a security warning for users of some company's USB flash drives that may be running malicious code.
The problem seems to be about the flash drives in IBM Storwize products. According to the company, they have the Initialization Tool for IBM Storwize, a large database storage system for data centers.
IBM states that the serial number of infected USB drives is 01AC585 and they have been released with various products - models: IBM Storwize V3500 - 2071 models 02A and 10A, IBM Storwize V3700 - 2072 models 12C, 24C and 2DC, IBM Storwize V5000 - 2077 12C and 24C models, and IBM Storwize V5000 - 2078 12C and 24C models.
"IBM has detected a malicious file that is distributed on USB flash drives used in the boot tool for IBM Storwize V3500, V3700 and V5000 Gen 1. When the Initialization Tool is booted from USB, it copies itself to a temporary folder on the hard drive a desktop or laptop disk during normal operation, ”the company said.
The malicious file is copied to a temporary folder (% TMP% \ initTool for Windows and / tmp / initTool for Linux).
IBM advises users to verify with antivirus software to see if they have already removed the infected file or if they have removed the folder containing the infected malicious file.
The company notes that Windows users will need to make sure that the entire folder is permanently deleted and has not been moved to the Recycle Bin.
IBM advises the owners of the above USB to destroy it so that it can not be reused or repaired by permanently deleting the InitTool folder from the drive. Those who do the second can download a new copy of the Initialization package from FixCentral.
Malicious code on infected units is copied only to user devices, but it does not run. There are no additional details about this malicious software in the IBM publication, nor information about how it occurred.