IBM has apologised for distributing malware-laden USB keys to delegates at Australia’s biggest security conference last week.
The IT giant alerted delegates via an email two days after it left the AusCERT 2010 conference last Wednesday.
IBM Australia chief technology officer, Glenn Wightwick, said in the letter it suspects all USBs are infected.
“Unfortunately we have discovered that some of these USB keys contained malware and we suspect that all USB keys may be affected,” WightWick said.
The malware was created in 2008 and affects Windows desktops and servers through an infected setup executable and autorun.ini.
The blunder comes two years after Telstra and reportedly Hewlett-Packard issued malware-infected USBs at AusCERT 2008.
IBM said affected users should contact their administrators and offered a do-it-yourself removal process.
1. Turn off System Restore [StartProgramsAccessoriesSystem toolsSystem Restore] Turning off System Restore will enable your anti virus software to clean the virus from both your current system and any restore points that may have become infected.
2. Update your antivirus tool with the latest antivirus definitions [available from your anti virus vendor of choice].
3. Perform a full system scan with your AV tool to confirm the existence of the infection. If malware is detected allow your AV to complete a clean.
4. On completion of this process, complete a second scan using a different anti virus product. Free anti virus products are available from known companies such as AVG, Avira, Panda Software, or Trend Micro.
5. Once a second scan has been performed and it is determined that your workstation is free of any known malware, as a precautionary measure we recommended that you perform a back up of all vital files on your workstation and perform a full re-installation of the operating system. This process will remove the risk of other unknown or undetected malware that may be present on your machine.
Wightwick said users should contact the IBM Security Operations Team at firstname.lastname@example.org if they experience difficulties.