
IBM sends infected USB drives to customers; orders their immediate destruction

Malware is not installed but is copied, warns the company

By Heather Hamilton, contributing editor

IBM shipped customers flash drives containing malware and is now asking that they be destroyed, the company explains in an advisory published earlier this month. The number of shipped devices is unspecified, but the affected drives are among those that carry the initialization tool for Storwize systems, and they contain malicious code. In the advisory, IBM asks customers who received the V3500, V3700, and V500 Gen 1 systems to destroy the drive outright to prevent the code from replicating.

The code is part of the Reconyc Trojan malware family, which typically targets computers in Russia and India, according to CNET, which cites Kaspersky Lab as the original source.

“When the initialization tool is launched from the USB flash drive, the tool copies itself to a temporary folder on the hard drive of the desktop or laptop during normal operation,” wrote IBM.

According to IBM, the malware is not executed during initialization, but it is copied. IBM recommends that users who have already inserted the drive remove the directory containing the malicious file and run antivirus software to remove it. Further instructions and specifics can be found within the advisory, as linked above.

This is referred to as a zero-day vulnerability, defined by PCTools as a hole in software unknown to the vendor. The hole in security can be exploited by hackers before the vendor knows about it and rushes to fix it. The resulting exploit is called a zero-day attack, which can include infiltrating malware. According to PCTools, the term “zero day” refers to the hole being unknown to anyone other than the hackers, specifically the developers. The software company would then release a patch.

WatchPoint Data identifies several famous examples of zero-day exploits, the most talked about as of late being the hack on the Democratic National Convention, in which at least six zero-day vulnerabilities were exploited to uncover the stolen data. The vulnerabilities were uncovered by Russian hackers in Microsoft Windows 10, Adobe Flash, and Java. Then, knowing the vulnerabilities, the hackers began a spear-phishing campaign in which specific individuals were targeted. 

In 2014, Sony Pictures Entertainment was the victim of a zero-day attack, called the worst corporate attack in history. The specific vulnerability that was exploited is not known, but a team of hackers destroyed the network and released sensitive data publicly, including films, business plans, contracts, and personal emails. 

Zero-day exploits of varying levels of security are not uncommon. 

Sources: IBM, CNET, WatchPoint Data, PCTools
Image source: Pixabay
