Adware purveyors are using fake MP3 and MPG files on peer-to-peer networks to spread their wares.More than a half million computers have been infected by a Trojan spreading
through bogus MP3 files on popular peer-to-peer networks in the past several
days, according to researchers at McAfee’s Avert Labs.
McAfee first reported noticing a spike in the discovery of a Trojan known as
Downloader-UA.h on May 6. The malware was added to the McAfee DAT files May 2.
In the past seven days, the malware has been detected by McAfee VirusScan
Online on more than 530,000 computers—roughly 26 percent of the approximately 2
million scanned, according to figures posted by the company May 7. In contrast,
the next most-reported piece of malware was found on less than 6 percent of the
scanned computers.
The Trojan is spreading through MP3 and MPG files disguised to look like
audio or video recordings. Some of the bogus file names are listed in a McAfee
blog. When downloaded, users are directed to a Web site and prompted to
download a file called PLAY_MP3.exe, McAfee researcher Craig Schmugar reported in
the company’s blog.
“If users agree to download and run PLAY_MP3.exe … a 4,800-word EULA [end-user
license agreement] is displayed,” he explained. “If you agree to the EULA and
choose to proceed, adware 'FBrowsingAdvisor' and 'SurfingEnhancer' [are]
installed as described in the EULA. PlayMP3.exe from PlayMP3z.biz is installed,
which is simply a browser control wrapped in an exe, and doesn’t actually play
local MP3 files, but rather loads a webpage running the Wimpy MP3 Flash
player.”
While approximately 500,000 unique systems have reported having the Trojan
on their PCs in the last few days, less than 10 percent downloaded the adware
installer from fastmp3player.com during that period, Schmugar wrote.
| | Reader Comments: Trojan Infects More Than 500,000 PCs | | >>> Post your comment now!
| | Infected?Were 530,000 PCs "infected" with the trojan, or were they found to have a copy of the trojan saved to disk? There's quite a difference. Posted At: 05-12-08
By: Brandon M | | | | | | Rip Off Other: Dangerous PracticeUnethical? Hooo Boy! Call it for what is really going on. Stealing! Period. Don't do the bad thing and chances are very good that you will not... Posted At: 05-10-08
By: C. Christensen | | | | | | Rephrase the questionI think you should rephrase it thusly:
"Hello this is Brian Prince, the author of this article. How secure do you feel stealing music using P2P... Posted At: 05-09-08
By: David Rogers | | | | | | If it quacks like a trojan...It is indeed a trojan. Here is the Wikipedia definition, which I agree with:
"In the context of computing and software, a Trojan horse, or simply... Posted At: 05-09-08
By: Anonymous | | | | | | P2P - the truth of something for nothingI've never used a P2P, but in general I agree that P2P in itself isn't the problem. In the case of the illegal trading of copyrighted works, you... Posted At: 05-09-08
By: Steve Young | | | | | | Not a trojanThats adware.. Unless you intend on saying something that wasnt said in that article. That is NOT a trojan.
It's not even dangerous, just... Posted At: 05-09-08
By: Concerned | | | | | | | | | | | | >>> Post your comment now! | | | | | |
|
 |
/ 34 
(Sponsor)
(Sponsor)
(Sponsor)
Security Hardware & IT Security Software 
