Oops! IBM Hands Out Malware On USB Sticks
IBM broke the news to AusCERT delegates in an e-mail, alerting them that the USB sticks the company handed out at the conference might have been infected with the virus.
"At the AusCERT conference this week, you may have collected a complimentary USB key from the IBM booth," said Glenn Wightwick IBM Australia chief technologist, in an e-mail to delegates Friday. "Unfortunately we have discovered that some of these USB keys contained malware and we suspect that all USB keys may be affected."
Wightwick said that the malware, which had been in existence since 2008, had been detected by the majority of current antivirus products as of May 20.
"Please do not use the USB key, and we ask that you return it to IBM at Reply Paid 120, PO Box 400, West Pennant Hills 2120," he said in the e-mail.
IBM said it is currently investigating the matter.
"IBM regrets any inconvenience that may have been caused and is reviewing the matter with the third party supplier," an IBM spokesperson said later in an e-mail.
Ironically, the AusCERT conference, named for the Computer Emergency Response Team (CERT) in Australia, is the country's premier information security event, bringing together numerous security vendors and IT professionals from all over the world to discuss trends and showcase the latest security products.
However, this latest incident is not the only time an AusCERT vendor has handed out malware-laden gifts. Two years ago Australian communications and media company Telstra handed out infected USB sticks to conference tutorial attendees.