Trojan found with Storwize initialisation tool.
IBM is urging customers to destroy USB memory sticks shipped with Storwize flash and hybrid storage systems after discovering they contain dangerous malware.
The USB drive contains an initialisation tool for the Storwize systems that has been infected with malware, IBM has advised. Affected models include drives with part number 01AC585 shipped with Storwize V3500, V3700, and V5000 Generation 1 storage systems.
The company said the malware, which was first spotted by security vendors in 2012, copies itself to a temporary directory on Windows, Linux, and Apple Mac computers when the initialisation tool is launched.
The malware is served up by a North Korean website, accordng to security vendor Trend Micro, whose antivirus detects it as PE.WINDEX.A.
Other vendors’ antivirus programs also detect the malware, which is classified as a Trojan horse that attempts to download further malicious code if executed.
It is not executed during the Storwize initialisation, IBM said.
The vendor recommended customers run an updated antivirus on computers the USB drive has been used on.
It also suggested customers securely destroy the USB memory stick so it cannot be used again.
Those who wish to reuse the USB drive should delete the malicious files and reinstall the Storwize initialisation package, and then scan the code with an updated antivirus, it said.
IBM is the original equipment manufacturer of Storwize systems for Chinese PC giant Lenovo, which has also issued an alert about the malware-infested USB drives.