back to article Brit network O2 hands out free Windows virus with USB pens

A marketing campaign by O2 that sent customers USB-embedded pens backfired last week – after it transpired a number of devices contained a "Windows-specific virus." The UK cellphone network sent out the USB pens to its business customers followed by a marketing email encouraging them to download a free eBook. That was then …

Page:

  1. gv
    Pirate

    Hopefully if you are using your computer as a public web server, you won't be inserting random USB devices into it.

    1. AndrueC Silver badge
      Stop

      ..and would hopefully be using a more up to date version of Windowsan operating system not on that list.

  2. Anonymous Coward
    Anonymous Coward

    Santayana

    "Those who cannot remember the past are condemned to repeat it"

  3. Captain Scarlet Silver badge

    Windows Vista?

    Seems like a really old virus then if its targeting Windows Vista and below?

    1. hplasm
      Meh

      Re: Windows Vista?

      Seems like a really same old virus then if its targeting Windows.

    2. Hans 1
      Boffin

      Re: Windows Vista?

      > Seems like a really old virus then if its targeting Windows Vista and below?

      Noooo, if it affects Vista, chances are "very" high it will infect WIndows 7 as well ... since Vista is not yet out of security patches ... just writing ...

      1. Captain Scarlet Silver badge

        Re: Windows Vista?

        Well my thinking was when Windows Vista came out there were obviously more people using Windows 9x.

        The article does mention it auto updates.

        I suppose what I should have said is "Oi El Reg, whats the name of the malware on the sticks?"

    3. razorfishsl

      Re: Windows Vista?

      no... it is targeting servers, in places like hk they are still running 2003.

      chances are this was part of a left over batch of pens from some place else.

    4. Kay Burley ate my hamster

      Re: Windows Vista?

      Autorun enabled for USB drives until Windows 7 perhaps...

      1. eJ2095

        Re: Windows Vista?

        How would you tell if Vista had a virus.........

        I thought it was the virus ;-0

        1. David Haworth 1

          Re: Re: Re: Re: Windows Vista?

          Quoth eJ2095: I thought it was the virus ;-0

          Failed virus. It didn't spread very well after all.

  4. Haku
    Facepalm

    We need a double facepalm icon.

    Or even a triple facepalm.

    1. Dwarf

      Re: We need a double facepalm icon.

      You mean like D'oh D'oh or even D'oh, D'oh, D'oh ?

      Even though this is O2's fault as the supplier, if the last decade's guidance on good information security had any benefit at all to end users, then they should know about the need for up-to-date AV and not shoving free things into the computer without considering where its been and the associated risks and countermeasures to reduce those risks.

      You have to wonder what would happen if someone turned up at their front door with free doughnuts, I bet they would take those as well.

      When will people learn.

      1. Haku

        Re: We need a double facepalm icon.

        "When will people learn."

        In a lot of cases, never.

        But then there are instances that even take the most cautious by surprise, like you'd never expect a commercially pressed audio CD to root your computer.

        1. DoctorNine
          Stop

          Re: We need a double facepalm icon.

          Staking the enterprise security structure on network users learning good computer habits, is like staking your own personal hygiene on users of a public washroom learning good sanitary habits. I guess you COULD, but most of us are a bit more risk averse.

        2. Chika

          Re: We need a double facepalm icon.

          In a lot of cases, never.

          Very true. Consider that if people did actually learn then there would be no point to continue doing this.

      2. D 13

        Re: We need a double facepalm icon.

        Can I have a free doughnut?

        1. Dwarf
          Joke

          Re: We need a double facepalm icon.

          See what I mean ;-)

      3. PNGuinn
        Coat

        doughnuts

        D'oh ...

        Doughnuts ....

        Mmmm, Doughnuts ...

        Internet of Doughnuts ... mmmm ...

        Thanks - it's the one with the free usb doughnut in the pocket ...

        1. ecofeco Silver badge

          Re: doughnuts

          Into immortal words of Homer Simpson, "rarlghrarlgrarglhrarg"

          1. ecofeco Silver badge

            Re: doughnuts

            Damn phone

        2. IglooDude

          Re: doughnuts

          That's part of security awareness at my place, we bring in doughnuts every month or two, and they're Security Donuts (lax American spelling, sure) - as in:

          Donut click on that link!!

          Yes, granted it's dorky, but all the more memorable for it.

          1. herman

            Re: doughnuts

            Building a system with a web browser and hot linking and then telling users not to click on links is ridiculous. Don't blame the user for your own incompetence.

  5. m0rt

    "He said: "For any customers that have already used the USB or are concerned, we have a specialist team on hand to support them and guide them through any action they may need to take. We apologise for any inconvenience." ®"

    Oh really? A specialist team? So where were this specialist team when some ****head thought you should send out USB sticks as a marketing exercise?

    1. Triggerfish

      Well when planned they did not think this could happen, so they became a cost saving.

    2. PNGuinn
      FAIL

      Specialist team ...

      Hello, o2 specialist free usb virus support ... Homer speaking ....

  6. AMBxx Silver badge
    Megaphone

    Capita? Is that you?

    Currently going through the pain of getting PAC codes from O2-Capita. I'm sure I'll be receiving a 'free' virus through the post any day.

  7. J. R. Hartley

    A spokesman said:

    "This is the one thing we didn't want to happen"

    1. kmac499

      Re: A spokesman said:

      Well that's good to know... At least their heart is in the right place, shame about the brain.

    2. MyffyW Silver badge

      Re: A spokesman said:

      Was there really only one thing they didn't want to happen? That's comforting.

      Customer: Your sales staff have turned into flesh-eating zombies.

      O2: That's fine.

      Customer: Your mobile signal reprogrammed my DNA and now I'm a Salamander-like being and Lt Tom Paris is getting amorous.

      O2: That's fine, Captain Janeway.

      Customer: I got a virus off your freebie pen.

      O2: "This is the one thing we didn't want to happen."

      1. Phil W

        Re: A spokesman said:

        Love the incredibly episode specific Voyager reference.

        Go go gadget Warp10 drive.

      2. d3vy

        Re: A spokesman said:

        Glad to see I'm not the only one working through the voyager series now that they are streaming on Netflix!

        1. MyffyW Silver badge

          Re: A spokesman said:

          @Phil_W and @d3vy ... one of those episodes where you don't just have to suspend your disbelief, but wrestle it to the floor and tickle it into submission.

          1. Kiwi
            Alien

            Re: A spokesman said @MyffyW

            @Phil_W and @d3vy ... one of those episodes where you don't just have to suspend your disbelief, but wrestle it to the floor and tickle it into submission.

            I think that was about the last episode of ST:V I ever watched. Actually wondering if I should try again.

            Now if you want a truly terrible SciFi experience, one that could put you off SciFi for the rest of your life, watch DS9 in the shortest time possible. If you can.

            (#B5Fan... :) )

      3. Adrian 4

        Re: A spokesman said:

        Of course it's worse.

        O2 sales staff already ARE flesh-eating zombies. Nothing to be lost there.

    3. asphytxtc
      Thumb Up

      Re: A spokesman said:

      Loved the Brass Eye reference ^.^

  8. Anonymous Coward
    Anonymous Coward

    Windows NT???

    No f way... unless they provided USB drivers too for that pen drive.

    1. Mage Silver badge

      Re: Windows NT???

      Win2K (NT5.0), XP (NT5.1), 2003, Vista etc are all NT.

      NT4.0 actually did have a engineering release USB stack. It worked with Windows 2000 devices/drivers, if you hacked the installer to accept NT4.0 or your NT4.0 to report as NT 5.0 (Windows 2000)

      1. Anonymous Coward
        Anonymous Coward

        Re: Windows NT???

        these version numbers piss me off. I just finished a script to remotely read hklm\sw\ms\ie\version vector\IE , only to realise the value therin bares little relevance to the version of IE

    2. Stuart Castle Silver badge

      Re: Windows NT???

      Not necessarily. NT had plenty of security holes that could be exploited via an unsecured network share. All it would take is for one newer machine on the network (running a recent version of Windows) to become infected when someone plugs in a USB, then the virus could start scanning other machines on the local network for unsecured shares (or even secured ones if it can exploit a vulnerability in SMB), then using a vulnerability in NT's RPC (Remote Procedure Call) subsystem to copy itself to another machine, then install itself on that machine. All with no user intervention.

      Remember, newer versions of Windows lock down pretty much everything network wise until it is needed. NT did the total opposite.

  9. gregthecanuck
    Mushroom

    Oh dear...

    Gives new meaning to "The pen is mightier than the sword" .

  10. The Man Who Fell To Earth Silver badge
    WTF?

    Hey! O2!

    The 00's called and want their pen back.

  11. Anonymous Coward
    Anonymous Coward

    It's just PENetration testing

    Don't look a gift trojan in the mouth.

    1. Clive Galway

      Re: It's just PENetration testing

      Surely looking in the mouth is the one thing you DO want to do with a gift trojan?

      You might see the soldiers hiding inside if you did.

  12. Tezfair

    They got a USB Pen, I got flowers

    no seriously, bunch of flowers arrived today from HP / Ingram

    1. hplasm
      Happy

      Re: They got a USB Pen, I got flowers

      Have you virus checked them?

      1. Anonymous Custard
        Trollface

        Re: They got a USB Pen, I got flowers

        We had a couple of pack of dark choccie Hob Nobs in the post this morning from a recently left former colleague (I would say departed, but he left for a better job rather than for the grave).

        All in all I think we got the best deal of the lot...

      2. Haku

        Re: They got a USB Pen, I got flowers

        "Have you virus checked them?"

        Yes, do check for bugs.

  13. Anonymous Coward
    Anonymous Coward

    The virus infects program files and web files on computers running the following systems: Windows 2000, Windows 95, Windows 98, Windows ME, Windows NT,Windows Server 2003, Windows Vista, Windows XP.

    Errm yeah, I call BS on those two as they predate USB. NT4 didn't have any kind of hot-plug ability in my experience: maybe there was a beta somewhere but I seem to recall the closest it got to supporting hot-pluggable hardware was PCMCIA and even then you had to shutdown before inserting or ejecting cards.

    Been there, done that.

    As for Windows 95, well there was a supplement that added USB support. Last time I tried it, it didn't support USB storage, and in fact even Windows 98 needed a separate driver installed. Windows ME was the first of that line of OSes to ship with USB storage support and I find it incredible they'd bother supporting anything DOS-based.

    Strikingly absent are Windows 7, 8 and 10.

    1. Aodhhan

      You can call BS, but you're forgetting...

      USB isn't the only attack vector for this. If you have Windows 95 system running (help us), and go to an infected web site, you've now contracted it.

      Forest thru the trees.

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like