The Schneider Electric Fiasco: Infected USB-Flash Drives Fresh from the Factory

When purchasing a USB-flash drive, it is typically acceptable it comes pre-formatted from the factory. It is usually formatted as a FAT32 drive, for universal compatibility even for MacOS and Linux or the newer ExFAT format, compatible with Windows 8 and newer. The very last thing a person purchasing a new USB-flash drive expects is the device being infected by malware from the factory.

This situation is what exactly happened with Schneider Electric (a vendor of solar power ranges, which use USB-flash drives containing utilities), as they have admitted that some of those drives may have been carrying malware fresh from the factory. Apparently, like many companies today in the manufacturing sector, the technical parts of their products are contracted with 3rd party suppliers. This made Schneider Electric unaware of the issue until it is already too late and the finished products already went on sale.

The devices with questionable USB-flash drive bundled with are the following products:

• USB media shipped with Conext Combox (sku 865-1058), all versions
• USB media shipped with Conext Battery Monitor (sku 865-1080-01), all versions

“Schneider Electric has determined that some USB removable media shipped with the Conext Combox and Conext Battery Monitor products were contaminated with malware during manufacturing by one of our suppliers. Schneider Electric has confirmed that the malware should be detected and blocked by all major anti-malware programs. Out of caution, Schneider Electric recommends that these USB removable media are not used,” explained Schneider Electric in their press release.

Due to flash drives being a dime-a-dozen, the company is advising users to just dispose of the USB-flash drives as the contents of the drive can be downloaded manually from the official websites. The USB-flash drives contain utilities and online manuals for the products mentioned above. “Users are strongly encouraged to securely discard any USB removable media provided with these products. The documentation and software utilities contained on the USB removable media can be downloaded from Schneider Electric’s website. Users are also encouraged to maintain good endpoint protection including active malware detection and remediation as part of their cybersecurity maintenance program.” the company representative said.

The firm also highlighted that the alleged malware infection of their devices can be removed by any mainstream antivirus software, as the alleged malware is of a known variant.