Become a fan of Slashdot on Facebook


Forgot your password?
IBM Security It's funny.  Laugh. IT

IBM Distributes USB Malware At Security Conference 73

bennyboy64 and other readers let us know that IBM sent out an email to all attendees to the Australian Computer Emergency Response Team (AusCERT) 2010 conference, warning them that some of the USB drives handed out to delegates contained malware. Fortunately it was old malware, which all anti-virus products have detected since 2008. Two years ago telecommunications company Telstra distributed malware-infected USB drives at the same conference.
This discussion has been archived. No new comments can be posted.

IBM Distributes USB Malware At Security Conference

Comments Filter:
  • by Rotten ( 8785 ) on Friday May 21, 2010 @08:35AM (#32291660) Journal

    IBM old malware is......OS/2?

  • Wow... (Score:5, Funny)

    by wandazulu ( 265281 ) on Friday May 21, 2010 @08:36AM (#32291678)

    ...I didn't realize they'd been able to squeeze Lotus Notes onto a USB drive.

    • To be honest, it was a new experimental USB stick, 1TB of size.
      So the installer did barely fit on it. The installer that you needed to download the actual data, of course.

  • wtf? (Score:4, Insightful)

    by Pojut ( 1027544 ) on Friday May 21, 2010 @08:37AM (#32291690) Homepage

    Seriously. Come on IBM. You're one of the biggest names in the industry, you hold thousands of patents...and you can't ensure you give devices that have already been secured to conference goers? ::obligatory::

    We can go to the moon...

    • Re: (Score:3, Insightful)

      by jamesh ( 87723 )

      Seriously. Come on IBM. You're one of the biggest names in the industry, you hold thousands of patents...and you can't ensure you give devices that have already been secured to conference goers?

      My first assumption (without RTFA) is that they would have outsourced it.

    • Re:wtf? (Score:5, Informative)

      by JamesP ( 688957 ) on Friday May 21, 2010 @08:58AM (#32291872)

      No, I'd say:

      It's a security conference, if you can't handle a USB drive with a (Windows program) virus you shouldn't be there.

      • A shuddering thought just hit me. This was a security conference, and of course a USB key containing malware is easily and immediately spotted, dissected, squished and laughed off.

        Not let's imagine this was a markedroid conference... And, extrapolated, what happens at such cons where markedroids and other suits congregate without a clued person within a hundred miles?

      • So it's really just a way of keeping the attendees entertained? See, IBM really does care...

      • by aldld ( 1663705 )
        Or maybe it just means that you need to be there.
    • by Yvanhoe ( 564877 )
      MArketing and PR are probably the only department handled by computers running under Windows. Which is obviously a bad move...
    • Re: (Score:2, Interesting)

      was it an accident? A good friend of mine works for a defense contractor and they used to do this as part of a security audit. Every once in a while they would just drop USB keys in the parking lot and then notify everyone that had a computer that got infected by it after a few days.

      My biggest concern would be IT security guys that will stick a generic USB drive in their computer without scanning it first. Shame on anyone that goes to a security conference and trusts the graft to be virus-free.

      • Re: (Score:1, Insightful)

        by Anonymous Coward

        How would you scan a USB drive without first sticking it into a computer?

        • by jdgeorge ( 18767 )

          You scan the USB drive by sticking it into a non-Windows computer, or one that doesn't by default execute software installed on the medium.

          Yes, you deserve a funny mod instead of an obvious response.

          • Heh - GP asked the question that was on my mind, and you gave the obvious answer. Now - it's time we came up with a "Secure USB scanner". Yes, yes, yes, of course it's a gimmick. And, of course, it's gonna be a ripoff. All we have to do is, get a USB cord, terminate it inside a stupid little box with a light that flashes as data transfers, then plug our USB into the box. It will make dummies feel good that they have "securely" scanned their USB before plugging it into a computer.

            I smell money - dishone

      • Re: (Score:3, Interesting)

        by tlhIngan ( 30335 )

        My biggest concern would be IT security guys that will stick a generic USB drive in their computer without scanning it first. Shame on anyone that goes to a security conference and trusts the graft to be virus-free.

        Which makes it kinda ironic, isn't it? A security conference with virus laden USB keys given out, and a good proportion of participants get infected. If even the security guys (whose job is to prevent such things) can't secure their machines, what hope does Joe Average have?

        I suppose the bigger q

    • by Gilmoure ( 18428 )

      Ricky the intern was just given a box with 500 thumb drives and told to format them.

    • Or at least get some new malware and not that old 2008 crap. Sheesh...
  • All Anti-virus ? (Score:4, Insightful)

    by JavaBear ( 9872 ) * on Friday May 21, 2010 @08:58AM (#32291878)

    If all Anti-virus products have detected this one since 2008 it obviously begs the question, why didn't IBM's?

  • IBM CEO (Score:3, Funny)

    by dandart ( 1274360 ) on Friday May 21, 2010 @09:02AM (#32291922)
    Mwuhahahahaa... destroy them all! That'll show 'em! They should've chosen OUR DOS, and we shouldn't have given them OUR PCs...
  • by British ( 51765 ) <> on Friday May 21, 2010 @09:06AM (#32291976) Homepage Journal

    If some individual did it, they would be in jail for a very long time. Thankfully, a 'corporation' did it, which can blame any # of people internally. Thus, no jail time for IBM. It will probably be handled in a private manner(ie nothing).

    • Re: (Score:1, Funny)

      by Anonymous Coward

      But but but ... the Free Market (TM) ... it will fix itself!

    • That's stupid. I've never heard of individuals getting in trouble for accidentally distributing viruses. Also, your post is worded in a very sarcastic manner to suggest that all corporations are bad, the capitalists are evil, banking is a sin, etc. Unfortunately, you did not cite anything (except your own strawman) to back up anything, it was all postulation.

      As a side note, IANAL, so please do not reply by saying that I do not cite a lack of a law against accidentally giving out dirty flash drives. That's a

    • Amen. I'm a retired lawyer who came late to the computer revolution in the eighties and none of my computerliterate friends will teach me to hack into things, write viruses and torgans, etc. and the textbook at the local university is wirtten in type too small for me to read and copy the code, but I have watched as the law got more and more to the point that, to even get exemplary damages against a corportion orLLC, etc., , now prctically always limited to three times your "economic" damages not including
  • Evidently IBM bought up the unused Telestra Flash drives. Or, they have really bad luck.
  • by istartedi ( 132515 ) on Friday May 21, 2010 @10:33AM (#32293160) Journal

    So many USB sticks come with pre-loaded crapware/malware. In the office we would stick them in Linux machines and format them from there. If you stuck it in a Windows machine without formatting it, you spent the rest of the day auditing your machine and puzzling over what might be left on it.

    The OPPORTUNITY is for a company to brand itself based on NOT HAVING CRAP on their sticks. I'm thinking Pure USB would be a nice name for such a product. I know I'd chose that over anything else if they were comparably priced. Don't get greedy and charge a premium for that. Just outsell the competition. I can't believe the kickbacks from crapware authors are that valuable.

    • Re: (Score:3, Informative)

      by DrBoumBoum ( 926687 )
      Why not simply disable autorun?
      • Why give nasties ANY chance to spread?

        When I get new or unknown drives I nuke 'em all out of habit. View on safe machine, nuke and pave, done.

      • Somebody or some thing (including Windows update) is bound to re-set your settings at some point, and re-enable autorun. Yes, locking your door is a good thing. Moving to a nicer neighborhood *and* locking your door is even better.

        • Re: (Score:1, Informative)

          by Anonymous Coward

          No, I've disabled autorun on Windows machines since 2000, and it's never been reenabled on any of them.

      • I'm not positive about this, but I think the risk may be larger than just autorun. Isn't there also the "installing drivers" bit that Windows does for some hardware? I get the impression that USB devices are to some extent able to contain their own drivers that Windows will install. IIRC, users are asked for confirmation by a tooltip-bubble from the system tray, but this may not be under all versions of Windows (yes under Vista, no under XP?). I do not know how this is implemented; I'm hoping that someo

    • Haha, your signature made me laugh. The phrase is "for all intents and purposes".
  • "Botnets, worldwide botnets,
    what kind of boxes are on botnets.'

    "Compaq, HP, Dell and Sony? True!
    Gateway, Packard Bell, maybe even ASUS, too!"

    "Are boxes, found on botnets!
    All running Windows, FOO!"

  • So, is there a better place to distribute malware than a security confrence?

  • That's "wide" about the 2012 Olympics... []
  • ... if they had distributed Melware [].
  • Who is really to blame in this is Microsoft. Some fool of a Microsoftie decided that, by default, whenever media (CDs, USBs) was inserted into a removable drive it should run AUTORUN on that drive. It can be disabled with TweakUI (link below) but you need to be a geek to think to do it and must do it on all your machines (and possibly all accounts on your machines) and if you forget, like I did, once, whamo! You're infected. A virus scanner can help, but they won't catch the latest viruses/horses (which is
  • It seems that IBM is not maintaining malware defintions upto date on the server from which the infected (old) malware was distributed. It is not clear from the writeup ",ibm-unleashes-virus-on-auscert-delegates.aspx" whether IBM finally reminds the users to re-enable the system restore feature. OK

"I think trash is the most important manifestation of culture we have in my lifetime." - Johnny Legend