IBM está alertando os clientes para se livrar de drives USB fornecido com alguns de seus sistemas de armazenamento Storewize como os dispositivos podem conter malware identificado como parte da família Reconyc Trojan. It is best if the USB drives are destroyed.
“IBM has detected that some USB flash drives containing the initialization tool shipped with the IBM Storwize V3500, V3700 and V5000 Gen 1 systems contain a file that has been infected with malicious code,” the company stated in an consultivo.
Reconyc Trojan Found on USB Drives Shipped with Storewize Storage Systems
Kaspersky Lab data indicates that the malicious code found on the USB drives belongs to the Reconyc Trojan malware family. The company detects the malware as Trojan.Win32.Reconyc. It is known to target users mostly in Russia and India.
Não obstante, users from other regions may also be targeted. The malware is designed to “spy on the user’s activities (intercept keyboard input, tirar screenshots, capture a list of active applications, etc.). “ Afterwards, the collected data is sent to the cybercriminals via email, FTP, or HTTP.
If the code is found on USB drives, the malware will end up on the system when the Storewize initialization tool is launched from the drive. The malicious code will be copied into a temporary folder: %TMP%\initTool on Windows systems or /tmp/initTool on Linux or Mac systems. Curiosamente, the code itself is not executed during the initialization, as reported by IBM:
Neither the IBM Storwize storage systems nor data stored on these systems are infected by this malicious code. Systems not listed above and USB flash drives used for Encryption Key management are not affected by this issue. The best way to secure a system that may have been affected by the malware via an infected USB drive is by running an anti-malware program. Another option is removing it from the system via the deletion of the temporary directories created when the drive is run.
Uma vez feito isso, the company recommends destroying the USB drive so that it doesn’t compromise any other systems.
An alternative option is to repair the flash drive by deleting the InitTool folder on the USB and downloading a new initialization tool package:
1.Delete the folder called InitTool on the USB flash drive which will delete the folder and all the files inside.If using a Windows machine, holding down shift when deleting the folder will ensure that the files are permanently deleted rather than being copied to the recycle bin.
2.Download the Initialization tool package from FixCentral.
3.Unzip the package onto the USB flash drive.
4.Manually scan the USB flash drive with antivirus software.
digitalizador Spy Hunter só irá detectar a ameaça. Se você quiser a ameaça de ser removido automaticamente, você precisa comprar a versão completa da ferramenta anti-malware.Saiba Mais Sobre SpyHunter Anti-Malware Ferramenta / Como desinstalar o SpyHunter