“Hewlett-Packard has been selling USB-based hybrid flash-floppy drives that were pre-infected with malware, the company said last week in a security bulletin. Dubbed “HP USB Floppy Drive Key,” the device is a combination flash drive and compact floppy drive, and is designed to work with various models of HP’s ProLiant Server line. HP sells two versions of the drive, one with 256MB of flash capacity, the other with 1GB of storage space. A security analyst with the SANS Institute’s Internet Storm Center (ISC) suspects that the infection originated at the factory, and was meant to target ProLiant servers. “I think it’s naive to assume that these are not targeted attacks,” said John Bambenek, who is also a researcher at the University of Illinois. Both versions of the flash-floppy drive, confirmed HP in an April 3 advisory, may come with a pair of worms, although the company offered few details. It did not, for instance, say how many of the drives were infected, where in the supply chain the infections occurred or even when they were discovered.”Here is some more Tech News from around the web:
- AT&T, 2Wire Ignoring Active Security Exploit @ Slashdot
- The Texas Petawatt Laser @ Slashdot
- Tech literate staff annoying IT departments @ The Inquirer
- LF Collaboration Summit, Austin: Day 1 @ Phoronix
- Sony Handycam HDR-SR12 Camcorder @ Hardware Zone
- Anatomy of an E-mail Scam @ TechwareLabs
- Bawls G33K B33R Taste Test @ [OC]ModShop
- Google Launches App Engine, Pokes Amazon In the Eye @ PC Mechanic
- Apple iCar: Could Microsoft Follow? @ OSWeekly
- Does Leopard Deliver or Disappoint? @ OSWeekly
- Overclock3D’s “Fully Loaded” Competition
Move along; nothing to see here
HP has a problem on their hands after selling HP USB Floppy Drive Keys with an infection already on them, target at the very ProLiant servers that the Drive Keys were for. Plug in the drive and you will have a worm spreading to every networked drive and beyond. This hybrid floppy/flash drive is not exactly common hardware, so the premise that this is a targeted attack seems to be the simplest explanation. Read more about the report on Slashdot, and if you have HP ProLiant servers that you feed and care for, don’t ever buy Drive Keys with these serials.