After giving out free USB drives at the AusCERT conference, IBM had to send out an e-mail saying that the drives were infected with malware. Considering that the virus originated on flash drives given out at a security conference from a company that prides themselves on security, this just might be one of the most embarrassing things that could have happened to IBM.
The e-mail starts off:
At the AusCERT conference this week, you may have collected a complimentary USB key from the IBM booth. Unfortunately we have discovered that some of these USB keys contained malware and we suspect that all USB keys may be affected.
This particular USB drives contains an auto-worm, which will begin to download the moment the USB drive is inserted into your computer. It will try to put a virus on your computer, and a keylogger program that records everything typed and sends the information to waiting hackers.
If you did get one of these USB drives from IBM, and if you have already used it, the best thing you can do is delete the files from the drive, and run an anti-virus scan of your computer. The files that you are looking for are an autorun.inf file and a Setup.exe. These will be hidden from normal view, so the easiest way to delete them would be to format the entire drive.