IBM Distributes USB Malware At Security Conference 73
bennyboy64 and other readers let us know that
IBM sent out an email to all attendees to the Australian Computer Emergency Response Team (AusCERT) 2010 conference, warning them that some of the USB drives handed out to delegates contained malware. Fortunately it was old malware, which all anti-virus products have detected since 2008. Two years ago telecommunications company Telstra distributed malware-infected USB drives at the same conference.
Good thing a corporation did it (Score:5, Interesting)
If some individual did it, they would be in jail for a very long time. Thankfully, a 'corporation' did it, which can blame any # of people internally. Thus, no jail time for IBM. It will probably be handled in a private manner(ie nothing).
Re:wtf? (Score:2, Interesting)
was it an accident? A good friend of mine works for a defense contractor and they used to do this as part of a security audit. Every once in a while they would just drop USB keys in the parking lot and then notify everyone that had a computer that got infected by it after a few days.
My biggest concern would be IT security guys that will stick a generic USB drive in their computer without scanning it first. Shame on anyone that goes to a security conference and trusts the graft to be virus-free.
Re:wtf? (Score:3, Interesting)
Which makes it kinda ironic, isn't it? A security conference with virus laden USB keys given out, and a good proportion of participants get infected. If even the security guys (whose job is to prevent such things) can't secure their machines, what hope does Joe Average have?
I suppose the bigger question is - how come this wasn't reported... earlier? Surely someone at that conference must've seen it and disinfected, and saw others and posted something about it before IBM?