IBM Storwize: IBM has issued a security warning for users of some of the company's USB flash drives that may be circulating with malicious code (malware).
The problem seems to be about the flash drives in IBM Storwize products. According to the company, they have the Initialization Tool for IBM Storwize, a large database storage system for data centers.
IBM states that the serial number of the infected USB drives is 01AC585 and has been released with various products – models: IBM Storwize V3500 – 2071 models 02A and 10A, IBM Storwize V3700 – 2072 models 12C, 24C and 2DC, IBM Storwize V5000 – 2077 models 12C and 24C, and IBM Storwize V5000 – 2078 12C and 24C models.
“IBM has detected a malicious archive που διανέμεται σε μονάδες USB flash που χρησιμοποιούνται στο εργαλείο εκκίνησης για τα συστήματα IBM Storwize V3500, V3700 και V5000 Gen 1. Όταν εκκινείται το Initialization Tool από το USB, αντιγράφει τον εαυτό του σε έναν προσωρινό φάκελο στο σκληρό δίσκο της επιφάνειας εργασίας ή του φορητού υπολογιστή κατά τη διάρκεια της κανονικής λειτουργίας”, ανέφερε η εταιρεία.
The malicious file is copied to a temporary folder (% TMP% \ initTool for Windows and / tmp / initTool for Linux).
IBM advises users to verify with antivirus software to see if they have already removed the infected file or if they have removed the folder containing the infected malicious file.
The company points out that Windows users should make sure that the entire envelope has been permanently deleted and not moved to the Recycle Bin.
IBM advises the owners of the above USB to destroy it so that it can not be reused or repaired by permanently deleting the InitTool folder from the drive. Those who do the second can download a new copy of the Initialization package from FixCentral.
Malicious code on infected units is copied only to user devices, but it does not run. There are no additional details about this malicious software in the IBM publication, nor information about how it occurred.