A USB drive given out by IBM at an Australian computer conference included some well known malware. And it was a security conference. Ooooooops!Attendees at the recent AusCERT (Australian Computer Emergency Response Team) Asia Pacific Information Security Conference got more than they bargained for when they accepted a free USB drive from the IBM booth.
Bad enough that it was technology company spreading the bad stuff, worse that it was spread to security professionals, and worst of all the fact that the malware included some very well-known, long-identified autorun and setup file infections.
But let's let IBM's apology speak for itself.
As USBs have become disposable commodities, they've also become more and more common autorun and setup infection vectors. The convenience of autorun and the cheapness of the drives makes them a no-brainer for the crooks.
The fact that user don't have to think about using the drive -- put it in the USB slot and hey! presto! you've got some convenient storage and some nasty infections -- adds to their effectiveness as an attack vector.
Pass the word about unknown, unfamiliar and giveaway USB devices -- just don't pass it on an infected device.
Don't Miss: Autorun Worms Top McAfee Threat List