International Business Machine Corporation has released a disturbing public announcement, indicating that flash drives of specific kinds are better off to be wiped out. Small storage devices that operate with V3500, V3700 and V5000 Gen 1 systems are to be eliminated as soon as possible. It seems that flash drives that were shipped were already contaminated with malicious files and thus are no longer fit for usage.
Once a malicious flash drive would be connected to an operating system, the harmful content would be transferred to the device. The file is supposed to be inserted in one of the folders that are present on the desktop. Of course, the transfer is done silently, without users finding out about the content that additionally gets placed. However, for the file to be successfully implanted into a device, initialization tool is supposed to run.
The malicious executable is actually a Trojan. To be more specific, it is a Reconyc Trojan. Even though it usually spreads as a malicious attachment in spam campaigns or uses vulnerable HTTP websites for its advantage, this time the selected strategy is very different. Users will have completely no suspicion that their newly purchased flash drive could already contain malware. However, this is the expectation that crooks anticipate you to have. Reconyc Trojan proceeds similarly to spyware which comes after users’ confidential information and other data that might be valuable. Once inside, Trojan could be allowed to follow your online activity, take screenshots, insert key loggers and initiate other techniques of spying.
These are the models that are very likely to have been affected by the malicious file:
BM Storwize V3500 – 2071 models 02A and 10A
IBM Storwize V3700 – 2072 models 12C, 24C and 2DC
IBM Storwize V5000 – 2077 models 12C and 24C
IBM Storwize V5000 – 2078 models 12C and 24C.
If you have any of these models, we suggest you to take heed. And we are not the only ones. IBM recommends that users would make sure that their anti-virus tool would run security scans and make sure that the Trojan would be successfully exterminated. If you allow this malicious bug to remain in an operating system, you will give crooks an opportunity to steal information about you and maybe even reach such details as your bank account information.
Before the affected flash drives could be reused, there is a series of steps that people have to carry out. You can find them in the official public statement of IBM. Distributing malware with infected USBs is not a novel strategy, but it is certainly not a very frequently used method. However, since hackers are trying their hand in new hoaxes, we suggest you remain cautious.
Sources: ibm.com
