Security Bytes

Apr 7 2008   3:25PM GMT

HP: Would you like some malware with your server?



Posted by: Eric Parizo
Tags:
Information Security Threats
Platform Security

Experts have said for some time that the era of pre-installed malware may be right around the corner. Today, there’s no question that corner has been turned, as the Australian Computer Emergency Response Team (AusCERT) has learned that optional USB 2.0 floppy drive keys shipping with certain Hewlett-Packard Co. ProLiant servers have been infected with malware.

According to AusCERT, the keys may be infected by viruses called ‘W32.Fakerecy’ or ‘W32.SillyFDC’. The part numbers of the infected keys are 442084-B21 and 442085-B21. They are shipping with some of HP’s ProLiant class BL, DL and ML servers and other related equipment.

In a post on the SANS Internet Storm Center (ISC) website, handler John Bambenek wrote that since the available information suggests the keys were shipped only with ProLiant servers, it could either be a random effort on the part of attackers, or it’s part of a scheme to target a specific product or group. Regardless, Bambenek wrote, it’s time to be concerned with USB-based attack vectors.

It’s worth noting the growing trend in which attackers focus their efforts on pre-installed malware. Platform security expert Michael Cobb recently addressed the issue of rootkits being pre-installed on USB thumb drives. There’s also the related threat of cross-build injection attacks, in which application developers rely on external dependencies with pre-assembled third-party components that surreptitiously had malicious code added to them. With this news, ISC suggests the hacker battleground may┬áhave now moved to the floors of manufacturing facilities worldwide.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: