IBM Shipped USB Sticks Containing Malware to Customers

IBM has admitted that it accidentally sent some of its customers USB sticks containing malware. The offending drives were mistakenly included with shipments of its Storewize storage systems, and the company has urged anyone who has received one to destroy it immediately.

“IBM has identified a malicious file distributed on USB flash drives used in the initialization tool for IBM Storwize V3500, V3700 and V5000 Gen 1 systems,” the company said in a statement.

For those already affected by the malware, IBM tells customers where to find it:

When the initialization tool is launched from the USB flash drive, the tool copies itself to a temporary folder on the hard drive of the desktop or laptop during normal operation. With that step, the malicious file is copied with the initialization tool to the following temporary folder:

• On Windows systems: %TMP%\initTool
• On Linux and Mac systems: /tmp/initTool

It adds:

To manually remove the malicious file, delete the temporary directory:

• On Windows systems: %TMP%\initTool
• On Linux and Mac systems: /tmp/initTool

Beyond that, IBM has the following recommendations:

1. Securely destroy the USB flash drive so that it can not be reused.
2. Repair the USB flash drive so it can be reused:

a. Delete the folder called InitTool on the USB flash drive which will delete the folder and all the files inside.If using a Windows machine, holding down shift when deleting the folder will ensure that the files are permanently deleted rather than being copied to the recycle bin.

b. Download the Initialization tool package from FixCentral https://www.ibm.com/support/fixcentral.

c. Unzip the package onto the USB flash drive.

d. Manually scan the USB flash drive with antivirus software.

If you have any questions related to the malware snafu, you are encouraged to contact IBM customer support immediately.