back to article IBM hands out malware-stuffed USB at security conference

IBM has apologised after supplying a malware-infected USB stick to delegates of this week's IBM AusCERT security conference. The unlovely gift was supplied to an unknown number of delegates to the Gold Coast, Queensland conference who visited IBM's booth. Big Blue does not identify the strain of malware involved in the attack …

COMMENTS

This topic is closed for new posts.
  1. Anonymous John
    FAIL

    Fail!

    Fail! Fail! Fail! Fail! Fail! Fail!Fail! Fail! Fail! Fail! Fail! Fail! Fail! Fail! Fail!Fail! Fail! Fail!

    1. sandman

      Fail

      You missed a Fail!

      1. Anonymous Coward
        Coat

        -Fail

        "You missed a Fail!"

        Don't be ridiculous. That would have made no sense at all!

        1. Anonymous Coward
          Anonymous Coward

          title! title! title!

          You now know which one you missed.

      2. Anonymous Coward
        Anonymous Coward

        Variations on a theme

        Spam! Spam! Spam! Spam! Spam! Spam! Spam! Spam!...

        Skol! Skol! Skol! Skol! Skol! Skol! Skol! Skol! Skol! Skol!...

      3. HuxleyThePig
        Coat

        But did IBM

        IBM didn't. Bdm tish.

        I thank you. (Arthur Askey stylee)

      4. Gordon is not a Moron
        Headmaster

        No

        but AJ did miss a space, "Fail! Fail!" not "Fail!Fail!"

    2. Andrew Austin
      FAIL

      I think we need to contact the SI Unit people...

      So they can provide direction on exactly how many (typed) fails equal an EPIC FAIL.

      E.G.

      10 fails = 1 EPIC FAIL

      100 fails = 1 HMRC Data Loss Event.

      1000 fails = 1 LHC 'event'

      10000 fails = 1 EDS Contract Award

      100000 fails = 1 Sun midrange Purchase

      1000000 fails = 1 Attempt by me to tabulate this text.

  2. John Lilburne

    What is the problem?

    It was a security conference the delegates should have detected the malware within nanoseconds.

  3. BristolBachelor Gold badge
    FAIL

    What can I say?

    1. You don't need to worry, because it is "a type of virus widely detected for at least two years " (unless you run the same anti-virus software as IBM, obviously.

    2. Windows autorun - A G A I N !!! ???

    What the FK is this carp still doing there? Especially after all the marketing carp about secure computing?

    Here buy this lock for your front door. It makes things very convient for you because it also opens the door for you. If anyone else walks anywhere near it (thieves, criminals, rapists, politicians...), it automatically opens letting them in too.........

    1. Robert E A Harvey
      FAIL

      I had to laugh

      $MEGACORP's latest laptop image had autorun turned on, and because they enforce the image settings every time I logged onto the company network it got turned back on again.

      Oh how I laughed.

      1. UBfusion

        Autorun is not to blame...

        because if it the stick wouldn't autorun, the user would promptly seek setup.exe and execute it manually.

        To me, it seems the "latest laptop image" did not have any AV installed (not even Microsoft's free one!). Time for Big Blue to buy a small AV company...

  4. Scott Broukell

    IBM rebranding

    International Business Malware

    1. Anonymous Coward
      Alert

      Don't be daft.

      It's been "I've Been Mugged" for a long time! (or even one I coined when working in an IBM support centre - "It's Broken Mate!" )

      There's a lot of these been going about for donkeys years (oops, 'donkeys' is not a valid REG unit for time yet, is it)

  5. The BigYin

    Autorun?

    People still have that turned on? Kee-ryst! One of the first things I disable (thanks "Tweak UI" you can nail it properly too).

    Sure, mount it. Let me know it's connected. But don't run anything until I tell you to!

    1. Anonymous Coward
      Gates Halo

      Welcome to the corporate world!

      As mentioned above, many corporations (mine included) reset your laptop's settings every time you boot up.

      Yes, I have TweakUI, and I turn off focus-grabbing ("If I want to pay attention to you, I'll darned well click on you. Otherwise, leave me alone!") and auto-run, only to find them turned back on every time I reboot.

      I eventually gave up, figuring if my company wants to pay me to waste my time watching windows grab focus, and introduce viruses into their infrastructure, it's their business.

  6. Mr Brush
    Alert

    Not Identified

    > Big Blue does not identify the strain of malware involved in the attack beyond saying it's a type > of virus widely detected for at least two years which takes advantage of Windows autorun to

    > spread

    That'll be Conficker.B then

    1. Anonymous Coward
      Anonymous Coward

      I concur, Dr. Brush

      That was my diagnosis too.

  7. Si 1
    FAIL

    Send it back?

    Why would anyone go to the trouble of sending it back? Either bin it or put it in a computer that isn't insecure and reformat it!

  8. KitD

    No doubt ...

    ... it was a clever ruse to select the subset of attendees who really DID need to receive the latest IBM security sales literature.

  9. Nauseus Maximus
    FAIL

    Not the first time.....

    .... AusCERT 2008, Telstra (arguably Australia's largest telco) did the same thing - USB keys handed out from opening - 2 hours later, embarrassing announcement over PA system requesting the return of all Telstra USB keys due to a malware infection .... and they were trying to highlight their secure services!!!!!!!

  10. SirTainleyBarking
    FAIL

    (untitled)

    And heres one we prepared earlier.....

    Please accept this single to Hull please. All abord the Fail Bus!

  11. This post has been deleted by its author

  12. Christian Berger

    Unlikely to have caused any consequences

    I mean that was a virus which used a flaw only apparent in a _few_ versions of one of very many operating systems. It's very unlikely, especially at a Security conference that any of the people there had the propper equipment to execute that virus on their main systems.

    1. Anonymous Coward
      Thumb Up

      Not so

      Theory: all managers on junkets got pwned. None of the real techs there had any problems or even noticed it beyond OK'ing quarantine.

      Gotta love this method of sorting the wheat from the chaff. Big thumbs up for Big Blue! Will try this method at our next company meeting...

  13. Anonymous Coward
    Anonymous Coward

    Where's the problem?

    I've received quite a few freebie pendrives over the last few years. They're very handy, and free is hard to beat. Most are pre-printed with company logos, but I have a couple where the logos peeled off to reveal major manufacturers' names. Nice.

    Hardly need to add that they always get reformatted immediately. Autorun? You're joking of course. Free software? Well we know what that's likely to be worth if it's being handed out at a trade stall,even if there's no malware.

    Take the freebies (get your friends to get extras for you), reformat them immediately and run. Where's the problem?

  14. Neiljohnuk
    Big Brother

    IBM had again!

    Back in the '80's when I worked for IBM they had really bad V rus problems in a hard-drive plant, turned out to be a peado in the dept duplicating discs to post out... Idiot Bloody Management then as now, with their heads up their arses and the I'm Bloody Marvelous attitude.

  15. wawadave
    Alien

    WTF

    Would you like spies with that?

  16. wawadave
    Megaphone

    Linux

    Reformat on any linux machine. Or just remove the malware files.

  17. Anonymous Coward
    Flame

    My company is full of IBM malware too...

    TSM, Tivoli ITM, Clearcase, Lotus, AIX, DB/2.....

    Now how did that all fit on a usb stick?

  18. Anonymous Coward
    Black Helicopters

    what are the chances...

    of TWO incidents of malware on a USB key at the same security conference, two years apart?

  19. Nerd King
    Linux

    Autorun

    ..is the single stupidest idea MS ever implemented. Disappointingly Ubuntu does the same, and it would be trivial to exploit in terms of automatically running something to do a job in your home directory. We do however at least have the advantage that doing anything really damaging would require the user to enter their password, and if they're that bloody daft then there's nothing you can do to protect them. Still, would be nice to default to no auto run, it's be one less job to do after install.

    1. Peter2 Silver badge

      Re: Autorun

      Personally, I think Active X was worse.

      On the other hand, I do think that people running with;-

      1) Autorun enabled

      2) An unpatched windows install

      3) No Anti Virus

      4) No software restriction policy

      deserve what they get.

    2. KarlTh

      And in Windows too these days...

      ...unless you've turned UAC off because it was "annoying". OK, no password required if you're running as admin, but that would put you in the same camp as a Linux user running as root.

  20. David McMahon
    Boffin

    Sings :

    And I'm feeeling Blue!

    Blue icon!

  21. Ezekial
    Alert

    What took so long?

    I am curious as to why it took til Friday night, 2 days after the main conference is over to get the message out! I have seen the Sophos note confirming that there was bad stuff on the stick but I have not seen any reports of punters who caught something from a contaminated stick.

  22. Anonymous Coward
    Anonymous Coward

    Priceless

    My first thought was "Priceless" and then I saw "security conference" and I knew I was in the presence of a Fail beyond human comprehension.

  23. C-Sick

    Wasn't that a...

    Big Blooper!

  24. md4m
    Terminator

    MetaDefender for Media

    this could have been prevented if they were scanning thier USB using several antivirus enginers

    MetaDefender for Media is one option http://www.opswat.com/products/metadefender-for-media

    http://www.filterbit.com is another

  25. Anonymous Coward
    Troll

    Better Release Management Practices Needed

    Seems to me that Release Managers of products (even of freebies) should be scanning the digital content of the package with multiple anti-malware products BEFORE release. IBM's own email that provided self-help procedures to USB recepients essentially advocated using at least 2.

This topic is closed for new posts.