- The USB drives shipped with two Schneider Electric products were infected with malware
- The affected products are Conext ComBox and Conext Battery Monitor.
- The products infects with malware during manufacturing at a third-party supplier’s facility.
- The company advises not to use USB drives.
Schneider Electric has released an advisory saying that the USB shipped with some of the company products were infected with malware.
According to the advisory released by the company the USB shipped with Conext ComBox and Conext Battery Monitor products contains malware.
The USB drivers were infected with the malware during manufacturing at a third-party supplier’s facility.
“Schneider Electric is aware that USB removable media shipped with the Conext Combox and Conext Battery Monitor products may have been exposed to malware during manufacturing at a third-party supplier’s facility.”
The malware infected USB drives were shipped with the Conext Combox (sku 865-1058) and Conext Battery Monitor (sku 865-1080-01) products.
The USB contains user documentation and non-essential software utilities and do not contain any operation software. The USB is not required for installation and operation purpose of the products.
The customers can download documentation and software utilities contained in the USB using the Schneider Electric website.
According to the company, the malware will be detected by all anti-malware software and also advises to not to use them.
Users who may have used the potential malware-infected USB are recommended to scan their system fully with a good anti-malware software.
“Users who believe they may have used one of the potentially-affected USB removable media are encouraged to perform a full scan of their system to check for and clean any identified malicious software using any standard anti-malware application program. Users are also encouraged to maintain good endpoint protection including active malware detection and remediation as part of their cybersecurity maintenance program.” said in the advisory published by Schneider Electric.
You may be interested in reading: OilRig APT Group spotted using a new Trojan called OopsIE against Middle East Organizations