USB Drives shipped with Schneider Solar Products were infected with malware
7.9.18 securityaffairs Virus
Schneider Electric announced that some of the USB drives it has shipped with its Conext ComBox and Conext Battery Monitor products were infected with malware.
Schneider Electric has found a malicious code on the USB drives that have been shipped with Conext ComBox and Conext Battery Monitor products.
Both products are part of the solar energy offering of the vendor. ComBox is a communications and monitoring device for installers and operators of Conext solar systems. Conext Battery Monitor indicates hours of battery based runtime and determines battery bank state of charge.
The tainted drives have been shipped with all versions of Conext ComBox (sku 865-1058) and all versions of Conext Battery Monitor (sku 865-1080-01).
Schneider revealed that the USB drives were infected with a malware during manufacturing at a third-party supplier’s facility.
“Schneider Electric is aware that USB removable media shipped with the Conext Combox and Conext Battery Monitor products may have been exposed to malware during manufacturing at a third-party supplier’s facility.” reads the security advisory published by the company.
The good news for customers is that the malware that was found on the USB drives was easy to detect for almost any anti-virus software, anyway the company is recommending customers to not to use them and “securely discard” the infected devices.
“Schneider Electric has confirmed that the malware should be detected and blocked by all major anti-malware programs. Out of caution, Schneider Electric recommends that these USB removable media are not used.” continues the advisory.
“These USB removable media contain user documentation and non-essential software utilities. They do not contain any operational software and are not required for the installation, commissioning, or operation of the products mentioned above. This issue has no impact on the operation or security of the Conext Combox or Conext Battery Monitor products,”
Users who believe they may have used the infected USB drives must scan their system for the presence of the malicious code.
At the time it is not clear the extent of the incident, anyway, this case is just the latest in a series of supply chain attacks observed in the last years.
We reported several cases of pre-installed malware and also cases quite similar to this one, like the one that involved last year IBM Storwize shipped with infected initialization USB drives.