Some USB flash drives containing IBM's Storwize initialization tool are infected with malicious code that copies itself into a temporary folder when the drive is plugged into a desktop or laptop.
Some USB flash drives containing IBM's Storwize initialization tool are infected with malicious code that copies itself into a temporary folder when the drive is plugged into a desktop or laptop.

IBM issued a support advisory last week warning users that some USB flash drives containing the company's Storwize initialization tool include a file infected with malicious code.

The affected tool is found on the USB flash drive with the partnumber 01AC585, and was shipped with the Storwize V3500, V3700, and V5000 Gen 1 systems. (More specifically: 2071 models 02A and 10A for V3500; 2072 models 12C, 24C and 2DC for V3700; and 2077 models 12C and 24C and 2078 models 12C and 24C for V5000.)

Storwize Systems with serial numbers starting with the characters 78D2 are not affected, nor is IBM Storwize storage systems and the data stored on these systems, Big Blue noted.

"When the initialization tool is launched from the USB flash drive, the tool copies itself to a temporary folder on the hard drive of the desktop or laptop during normal operation," Big Blue explained in its April 26 bulletin. However, the code is not actually executed during initialization.

IBM recommended that any users who plugged in an affected drive into their desktops or laptops ensure that their antivirus programs are updated and configured to scan temporary directories, and remove the malicious file by deleting the entire temporary directory.