Schneider Electric announced that some of the USB drives it has shipped with its Conext ComBox and Conext Battery Monitor products were infected with malware.
Schneider Electric has found malicious code on the USB drives that have been shipped with Conext ComBox and Conext Battery Monitor products.
Both products are part of the vendor's solar energy offering. ComBox is a communications and monitoring device for installers and operators of Conext solar systems. Conext Battery Monitor indicates hours of battery-based runtime and determines battery bank state of charge.
The tainted drives have been shipped with all versions of Conext ComBox (SKU 865-1058) and all versions of Conext Battery Monitor (SKU 865-1080-01).
Schneider revealed that the USB drives were infected with malware during manufacturing at a third-party supplier’s facility.
“Schneider Electric is aware that USB removable media shipped with the Conext Combox and Conext Battery Monitor products may have been exposed to malware during manufacturing at a third-party supplier’s facility,” reads the security advisory published by the company.
The good news for customers is that the malware found on the USB drives is easily detected by almost any anti-virus software. Even so, the company recommends that customers not use the drives and “securely discard” the infected devices.
“Schneider Electric has confirmed that the malware should be detected and blocked by all major anti-malware programs. Out of caution, Schneider Electric recommends that these USB removable media are not used,” continues the advisory.
“These USB removable media contain user documentation and non-essential software utilities. They do not contain any operational software and are not required for the installation, commissioning, or operation of the products mentioned above. This issue has no impact on the operation or security of the Conext Combox or Conext Battery Monitor products.”
Users who believe they may have used the infected USB drives must scan their system for the presence of the malicious code.
The extent of the incident is not yet clear, but this case is just the latest in a series of supply chain attacks observed in recent years.
Pierluigi Paganini is a member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group. He is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years of experience in the field, and he is a Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to found the security blog "Security Affairs", recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
He is the author of the books "The Deep Dark Web" and "Digital Virtual Currency and Bitcoin".