O2 confirms USBs distributed in marketing campaign contain virus

USB pens distributed by the U.K.-based mobile network O2 as part of a promotional campaign for an eBook were discovered to contain a “Windows specific virus”.
USB pens distributed by the U.K.-based mobile network O2 as part of a promotional campaign for an eBook were discovered to contain a “Windows specific virus”.

USB pens distributed by the U.K.-based mobile network O2 as part of a promotional campaign for an eBook were discovered to contain a “Windows specific virus”, according to an O2 statement sent to SCMagazine.com. The distributed virus-infected pens were initially reported by The Register.

The U.K.-based mobile network mailed infected pens to business customers as part of the marketing campaign and then sent an email to those customers warning that the pens may contain a virus, according to a company representative. O2 confirmed to SCMagazine.com that customers were notified by email but the representative declined to share the customer email with this publication.

The O2 representative confirmed to SCMagazine.com that that the virus may not be picked up by out of date anti-virus software and said the virus may infect program files and Web files on computers running Windows 2000, Windows 95, Windows 98, Windows ME, Windows NT, Windows Server 2003, Windows Vista, and Windows XP. If a computer is used as a web server, the virus could attack visitors to their website, the representative said.

“We are aware that some of the promotional USBs we sent to customers have a Windows specific virus risk associated with them. As a precaution, we've contacted those customers who received the USB and advised them to discard it," O2 said in a statement sent to SCMagazine.com. "For any customers that have already used the USB or are concerned, we have a specialist team on hand to support them and guide them through any action they may need to take. We apologise for any inconvenience.”

The incident follows the discovery last month of O2 customer details for sale on a dark web marketplace. The customers' personal details are believed to have been discovered through a ‘credential stuffing' attack that used information breached from the gaming website Xsplit three years ago.
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS