PRETTY MUCH the definition of irony is to reward quiz winners at a cybersecurity event with malware-ridded USB sticks, but we s**t you not, that happened in Taiwan.
Security firm ESET posted on its WeLiveSecuriy blog that Taiwan's Criminal Investigation Bureau (CIB) handed out 250 USB sticks to members of the public who passed a quiz that put their cyber security knowledge to the test.
Given such drives are a dime-a-dozen at such events, we're not convinced a USB stick constitutes as much of a reward. But some quiz takers must have been pleased as they went and plugged the stick into their computers.
However, a handful of the quizzed folks noted that their cybersecurity software had flagged the USB sticks as containing malware, which in turn forced the CIB to stop handing out the so-called ‘prizes'.
Some sticks were brought back, which must have been fiendishly embarrassing for the CIB chaps, but others remain out there with the malware causing who knows what kind of havoc.
The malware, which has the snappy name of XtbSeDuA.exe, can steal information from infected 32-bit computers and fire it off to a Poland-based IP address. From there, the data gets pushed onto other unidentified servers, so there's no real clue as to who's behind the malware.
The CIB did note that the infected USB sticks originated from a workstation used by a local contractor; seems like contractors get the blame for everything these days, eh Mr Snowden?
This is not the first time such cybersecurity gaffes have happened, with Telstra, the Aussie telecoms firm, distributing infected USB sticks at a cybersecurity event in 2008.
And the inherent curiosity in humans to know stuff means that they are likely to plug a USB stick into their computer just to see what's on it, making such innocuous devices a good way to spread malware.
We'd advise you stay away from them unless you have suitably robust cybersecurity software, but we know that's pointless to say because you won't be able to help yourself for wanting to take a peek at the stick's contents. µ
Not exactly 'Think Different'
Coming tomorrow: Bug report Thursday
Privacy-aware office worker slams 'authoritarian' AFR tech