Sheesh. This must rank as one of the most embarrassing things a security company can do at a security conference.
IBM has admitted that the complimentary USB drives it handed out this week at the AusCERT conference on the Gold Coast, Queensland, were infected by not one, but two pieces of malware.
Analysts at SophosLabs have analysed samples of the USB stick in question, and can confirm that the devices are indeed infected. You should exercise care if you plug the device into your computer, since it is an autorun worm – which means it will launch when inserted into a computer if autorun/autoplay is enabled.
In what must have been a highly embarrassing admission, IBM Australia sent an email to all AusCERT attendees warning them of the security screw-up.
Part of the email read:
At the AusCERT conference this week, you may have collected a complimentary USB key from the IBM booth. Unfortunately we have discovered that some of these USB keys contained malware…
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.