Daily cyber threats and internet security news: network security, online safety and latest security alerts
April 8th, 2008

HP Ships Proliant Server USB Keys With Malware

HP Australia has warned that optional USB keys shipped with some of its Proliant servers are infected by malware.

A batch of 256MB and 1GB USB keys that ship with the servers are infected by the Fakerecy and SillyFDC viruses. The keys are involved in installing optional floppy-disc drives. It’s unclear how many infected USB sticks were distributed.

Fakerecy and SillyFDC are both low-risk worms that spread by copying themselves onto removable media. The malware likely got onto Proliant USB disks via an infected machine in a factory rather than as some part of a targeted attack.

The incident isn’t very threatening since the malware simply isn’t potent enough to do anything useful from the point of view of hackers. It’s also hard to believe that anything but a very small minority of shops would need to support floppy discs on Proliant servers, thereby risking exposure.

Nonetheless the incident illustrates the growing use of USB drives as a vector for viral infection. Previous incidents of infected devices coming out of the factory have cropped up infrequently over the last few months. To date these incidents have involved digital photo frames and the like.

Up to date anti-virus software would detect both the viruses involved in the Proliant USB attack. But that may not help in cases where security software is installed onto servers after floppy disc support is added. Disabling autorun thwarts both the Fakerecy and SillyFDC worms and may be the better option.

You can protect yourself against USB-based (and Fireware) malware with few simple steps:

1) Take the vendor who made the device and do a google news search on it. Odds are you aren’t the first to buy it and if it comes with badware it may be news. If you see a story about it, check the vendor webpage and see if you can compare serial numbers of infected/non-infected versions.

2) Every time you get a USB device scan it for malware before you use it with your anti-virus software’s latest DATs. This includes picture frames, USB keys, SD Cards, USB/Fireware harddrives, iPods, MP3 players, everything.

3) If you do receive a malware hit, try to report and forward it to anti-virus vendors.

4) Even if you do not see any malware, there is a possibility you are not safe. If you notice “odd” behavior of your machine (connections to a random machine you don’t know, changing your default homepage, etc), be wary. Update your DATs and scan with anti-virus.

6) Turn off “autorun” software on your operating system. It makes life less convenient, but it saves you from automatically running software that you don’t want. If you want complete safety and it doesn’t void your warranty/ability to return the device or make the device irrelevant format the drive completely using a data shredder or other tool to torch every single byte that is on the device.

Share this item with others:

More on CyberInsecure:
  • IBM Hands Out Malware-infected USB At AusCERT Security Conference
  • USB Autorun Malware On The Rise
  • CERT Warns About Phalanx Attacks Against Linux Servers
  • IBM’s New USB-based Device Might Allow Safer Online Banking
  • USB Devices Containing Worms Threaten US Army, All Removable Devices Temporarily Banned

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: HP Ships Proliant Server USB Keys With Malware

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.