IBM Storwize: IBM published a prenotice security for users of certain company USB flash drives that may be released with malicious code (malware).
The problem seems to be about the flash drives in IBM Storwize products. According to the company, they have the Initialization Tool for IBM Storwize, a large database storage system for data centers.
IBM states that the serial number of infected USB drives is 01AC585 and they have been released with various products - models: IBM Storwize V3500 - 2071 models 02A and 10A, IBM Storwize V3700 - 2072 models 12C, 24C and 2DC, IBM Storwize V5000 - 2077 12C and 24C models, and IBM Storwize V5000 - 2078 12C and 24C models.
“IBM has detected a malicious file distributed on USB flash drives used in tool initialization tool for IBM Storwize V3500, V3700, and V5000 Gen 1 systems. When the Initialization Tool is launched from USB, it copies itself to a temporary folder on the desktop or laptop hard drive during normal operation,” it said The company.
The malicious file is copied to a temporary folder (% TMP% \ initTool for Windows and / tmp / initTool for Linux).
IBM advises users to verify with antivirus software to see if they have already removed the infected file or if they have removed the folder containing the infected malicious file.
The company points out that Windows users should make sure that the entire envelope has been permanently deleted and not moved to the Recycle Bin.
IBM advises owners of the above USB to destroy it so that it cannot be reused, or to fix it by permanently deleting the InitTool folder from the drive. Those who do the latter can download a fresh copy of it packety Initialization from FixCentral.
Malicious code on infected units is copied only to user devices, but it does not run. There are no additional details about this malicious software in the IBM publication, nor information about how it occurred.