Lenovo has issued a security advisory notifying customers that the initialisation tool shipped on a USB stick for the Lenovo V3500, V3700 and V5000 Gen 1 storage systems manufactured by IBM comes a file that has been infected with malicious code.
The USB flash drive in question is designated as part number 01AC585. It shipped with the following systems:
- IBM Storwize V3500 - 2071 models 02A and 10A
- IBM Storwize V3700 - 2072 models 12C, 24C and 2DC
- IBM Storwize V5000 - 2077 models 12C and 24C
- IBM Storwize V5000 - 2078 models 12C and 24C
IBM Storwize Systems with serial numbers starting with the characters 78D2 are not affected.
Lenovo says the file in question is copied to a temporary folder on Windows, Mac and Linux systems but requires a user to execute the file for it to have any effect. The file is not used during the initialisation process for the affected products.
The files is copied to %TMP%\initTool on Windows systems and /tmp/initTool for Mac and Linux.
Removing the malware is a matter of deleting the affected folders.