IBM hands out malware

May 25, 2010 // 10:14 a.m.

Tags: #auscert #ibm #malware #sophos #usb-flash-drive

IBM has failed to endear itself to the worlds' press after a publicity stunt went wrong and saw the company handing out promotional USB flash drives with an added bonus: a pair of nasty worms.

As reported over on IT PRO, IBM made the embarrassing gaffe during the AusCERT computer security conference in Australia where it handed freebie USB memory sticks to press and industry contacts - not realising that at some point during their production a pair of worms had found their way on board.

After the conference, IBM sent an e-mail to attendees warning them that the company "discovered that some of these USB keys contained malware and we suspect that all USB keys may be affected" and advising recipients to return their devices to IBM's Australia headquarters as soon as possible.

The two worms - W32/LibHack-A and W32/Agent-FWF - have been identified by Sophos' Graham Cluley as being capable of launching "when inserted into a computer if autorun/autoplay is enabled" - potentially infecting Windows-based systems without further user interaction.

So far IBM hasn't offered an explanation of how the malware found its way onto the complimentary gifts - but to distribute worms at a security conference must rank as one of the biggest PR gaffes of all time.

Are you shocked to see IBM making such a serious blunder - and at a security conference, of all places - or is this the sort of mishap that can befall any company? Share your thoughts over in the forums.

QUICK COMMENT

View this in the forums

SUBSCRIBE TO OUR NEWSLETTER

WEEK IN REVIEW

TOP STORIES

SUGGESTED FOR YOU