IBM has issued a security alert last week, warning customers that some USB flash drives shipped with IBM Storwize products may contain malicious code. If the initialisation tool is plugged in, customer’s PC may be infected with Trojan.
Initialisation tool is a big data storage system (rack-based disks system) for data centers.
IBM is urging customers to destroy USB memory sticks with hybrid storage systems with fire. If the customers have already used it on their systems, they should remove it and disinfect it with an anti-virus. There's a list of anti-virus software that detect the trojan in IBM's post.
The customers need download the required files and start again. Though the latter method does not assure of complete safety.
The trojan in question goes by various names. Kaspersky's description says it's a dropper that installs itself in a temporary folder on Windows, Linux, and Apple Mac computers on execution, download other malware.
Affected models include drives with part number 01AC585 shipped with Storwize V3500-2071 models 02A and 10A, V3700-2072 models 12C, 24C and 2DC, V5000-2077 models 12C and 24C and V5000-2078 models 12C and 24C.
"Neither the IBM Storwize storage systems nor data stored on these systems are infected by this malicious code," said IBM.
The malware was first spotted by security vendors in 2012. Security vendor Trend Micro detects the malware to be served by a North Korean website.
