IBM unleashes virus on AusCERT delegates

Powered by SC Magazine

Malware-infected USB key the culprit.

View larger image View larger image View larger image

See all pictures here »

Delegates to AusCERT, Australia's premier information security event held this week on the Gold Coast, have taken home a little of the stuff they spent the week agonising over - a virus.

In an email this afternoon, IBM advised visitors to its AusCERT booth that its complimentary USB key was infected with a virus. An IBM spokesman and conference organisers confirmed the email was genuine.

It is the second time in two years that clumsy exhibitors have infected their customers with viruses.

"At the AusCERT conference this week, you may have collected a complimentary USB key from the IBM booth," IBM Australia chief technologist Glenn Wightwick wrote in an email to delegates this afternoon.

"Unfortunately we have discovered that some of these USB keys contained malware and we suspect that all USB keys may be affected."

AusCERT coverage:

Wightwick said the malware, which dated to 2008, was detected by most anti-virus products.

"The malware is known by a number of names and is contained in the setup.exe and autorun.ini files. 

"It is spread when the infected USB device is inserted into a Microsoft Windows workstation or server whereby the setup.exe and autorun.ini files run automatically.

"Please do not use the USB key, and we ask that you return it to IBM."

IBM said in a statement that a "small number of IBM-branded USB sticks distributed to delegates at the recent AusCERT2010 conference were found to contain malware".

"IBM has immediately contacted delegates with remedial advice, and regrets any inconvenience that may have been caused," an IBM spokesman said.

To fix any damage that may be caused by using the USB key, IBM recommended:

  1. Turn off System Restore [Start - Programs - Accessories - System tools - System Restore] Turning off System Restore will enable your anti-virus software to clean the virus from your current system and any restore points that may have become infected.
  2. Update your anti-virus tool with the latest anti-virus definitions. [available from your anti-virus vendor of choice].
  3. Perform a full system scan with your anti-virustool to confirm the existence of the infection.  If malware is detected allow your anti-virus software to complete a clean.
  4. On completion of this process, complete a second scan using a different anti virus product. Free anti-virus products are available from companies such as AVG, Avira, Panda Software or Trend Micro.
  5. Once a second scan has been performed and it is determined that your workstation is free of any known malware. As a precautionary measure IBM recommended that you perform a backup of all vital files on your workstation and perform a full reinstallation of the operating system. This removes the risk of other unknown or undetected malware that may be present on your machine.

"If you experience difficulties with the above steps, please contact the IBM Security Operations Team at  An IBM technical support person will contact you by phone to assist you.

"We regret any inconvenience that may have been caused."

Infected USB keys should be returned to IBM at Reply Paid 120, PO Box 400, West Pennant Hills 2120.

Top Stories
The True Cost of BYOD - 2014 survey
Twelve months on from our first study, is BYOD a better proposition?
Photos: Unboxing the Magnus supercomputer
Pawsey's biggest beast slots into place.
ANZ looks to life beyond the transaction
If digital disruptors think an online payments startup could rock the big four, they’ve missed the point of why people use banks, says Patrick Maes.
IBM's AusCERT 2010 stand from which it passed contaminated USB drives. photo: Nate Cochrane
Sign up to receive iTnews email bulletins
Latest Comments
What is delaying adoption of public cloud in your organisation?

   |   View results
Lock-in concerns
Application integration concerns
Security and compliance concerns
Unreliable network infrastructure
Data sovereignty concerns
Lack of stakeholder support
Protecting on-premise IT jobs
Difficulty transitioning CapEx budget into OpEx