HP ships USB sticks with malware

Hewlett-Packard has released a batch of USB keys for numerous Proliant server models which contain malware that could allow an attacker to take over an infected system.

The worms contained on the 256KB and 1GB USB drives have been identified as W32.Fakerecy and W32.SillyFDC. The worms spread by copying themselves to removable or mapped drives and affect systems running Windows 98, Windows 95, Windows XP, Windows Me, Windows NT and Windows 2000, according to AusCERT.

HP's Software Security Response Team issued a warning to AusCERT this week after discovering the worms on the USB drives and has also provided a list of affected servers to the security response organization.

To find out whether a drive is infected, HP recommends inserting it into a system with up-to-date antivirus software. Systems with up-to-date antivirus should be protected from the threat, according to HP.

John Bambenek, a researcher at the security organization Sans Internet Storm Center, has said that because the infected USBs only affect Proliant servers, a targeted attack cannot be ruled out.

However, the threat risk from the worms is considered to be low. "This is probably not going to escalate into a widepread epidemic," Nishad Herath, senior research scientist at McAfee Avert Labs, told ZDNet.com.au. "But I would most definitely urge users to perform a virus scan of any media--including any new blank drives--you receive from vendors prior to installing/using them as slip-ups like this have been known to happen in the past."

HP claims the worm-infected USBs will have only affected a small number of customers.

"HP takes all quality issues very seriously. Because the keys involved are used to install optional floppy-disk drives, this only affects the USB Floppy Drive Key kit which is a very low volume option and impacts a very small percentage of our ProLiant customer base. We've determined root cause and are fully confident that we have resolved this event. To date, no customers have reported this issue," a spokesperson for HP told ZDNet.com.au.

HP has provided an advisory page for customers with affected USB keys.

To find out whether a drive is infected, HP recommends inserting it into a system with up-to-date antivirus software. Systems with up-to-date antivirus should be protected from the threat, according to HP.

John Bambenek, a researcher at the security organization Sans Internet Storm Center, has said that because the infected USBs only affect Proliant servers, a targeted attack cannot be ruled out.

Liam Tung of ZDNet Australia reported from Sydney.

[timotaug]

HP & Viruses

I purchased an hp dv6500 laptop. all I installed was AVG and ran a scan of the system and 2 of the preloaded games were in fected. ! was a trojan the other a worm. ThE gRANNY GAME AND ONE OTHER. I called to inform them of the issue (which i corrected by deleting the infections) They said there was no way and to try an F-disk to resolve. mind you I just turned it on for the 1st time and installed AVG.

[dan356]

Mac and linux users dont need to worry ever.

Yeah yet another advantage of being a mac user. plus im also a linux user. I just dual boot. Hmmm, maybe this is a scare from hp and microsoft to go make people get really expensive anti virus protection because the creators of windows have no skills in making a decent well protected system. The only advantage to windows is gaming. Which if your into next gen gaming chances are you have a ps3 or 360 like i do. So I'm set no need to buy a windows comp for gaming. I think Apple should make their OS multiplatform. It would kill Microsoft in a year. In fact, its been really foolish of Apple to allow microsoft to get really far ahead in the Comp bussiness. But Microsoft is falling really fast in the market. People are just pissed from vista. Yeah if Apple ever allows their OS to be released on Pcs say goodbye to Microsoft. Also, to the people that say the only reason Windows has so many viruses is because everyone uses it. They are dead wrong.... The reason is microsoft only thinks about nerdy bussiness men and gaming. Never about security or anything that a normal web browser would care about. They only upgrade microsoft office, thats about it. It was pretty funny when microsoft said"windows vista is top of the line security" LOL! Now it has at least 500 to 800 viruses. Not to mention loads of spyware.

[dwinks]

The more concerning issue...

I think the more concerning issue here is that HP is shipping thumb drives with only 256KB of space. What exactly could someone do with that little space. I think a completely blank office document is larger than that now, let alone one with a few pages of text and graphics.

On the other hand, I have to give kudos to the virus writers for making such a compact and efficient virus that it can fit into just 256KB of space.

[UNiHacker]

this isn't a surprise. I do find it funny that they actually recommend plugging an infected device into a computer for cleansing. Thats funny. Lawlz. HP got pwned.

http://www.unihacker.com

[tghounsell]

Your comment is basically nothing but flame-bait. And you haven't even picked a relevant story. This malware has nothing to do with OS security. If HP made OSX-based servers, the malware would be OXS-based malware. This malware doesn't need to circumnavigate security defenses, because it's trusted code.

See how blocking devices will decrease malware infections:

http://extremesecurity.blogspot.com/2008/06/stop-malwares-using-device-control-real.html

[mbridge]

Thankfully "HP takes quality seriously." Otherwise they may have sent out USB sticks with malware on them.

Seriously, it was good of them to come forward and admit to their mistake to the customers who purchased the sticks.

http://www.MBridge.com

[revenant2]

How can this happen? I've never heard this before.

sizegenetics clearpores