Spybot.AKB Infects P2P Networks

Written By Jared Moya

February 22, 2010 | 2 Comments

Once installed, worm infects and redirects Firefox and Chrome browsers to different websites after user queries specific search terms.

Spybot.AKB is the latest worm to grace Direct Connect P2P networks, this time passing itself off as a name brand .exe file extension in the “shared” folder.

Once activated it installs an extension in the Firefox and Chrome browsers in order to control the searches made by users, and then redirects them to malicious websites from which more malware can be downloaded.

It affects the “shared” folders of the following P2P programs:

eMule
LimeWire
Morpheus
Tesla
Winmx
eDonkey
Bearshare
Grokster
Icq
KaZaA

Unsurprisingly the worm only affects Windows platforms, specifically 2003, XP, 2000, NT, ME, 98, and 95, so Vista and Win 7 users are immune.

For more info check out the Panda security website.

As usual I recommend switching to BitTorrent or Usenet from Direct Connect-style P2P networks. Between copyright infringement investigations and malware headaches it’s just not a safe place to be anymore.

Stay tuned.

[email protected]

Jared Moya
I've been interested in P2P since the early, high-flying days of Napster and KaZaA. I believe that analog copyright laws are ill-suited to the digital age, and that art and culture shouldn't be subject to the whims of international entertainment industry conglomerates. Twitter | Google Plus

I didn't know that some of those Direct Connect style networks were still around. The only one I've used more recently has been eMule, to access rare non-US content that only could be found there. I really think that torrent is the way to go, and I really like the social aspects of it, that sharers gain reputations and you can meet others with the same interests you have in the torrent forums. To be safe, don't click on something with .exe in the file name, or a funny icon that you don't know as music or video. Music should have a name that ends with .mp3, .fla or .flac, .wma, .ogg, or .m4a. For video it should be .avi, .mov, .ogm, .ogv, .mkv, .mp4 and a few others that you should look up. To see the extensions of the files, in a Windows folder like My Computer, go to Tools, Folder Options, View, and then take the check mark out of Hide Extensions Of Known File Types and click ok. That way you can look closely and see if there is .exe at the end. Don't click that if it was supposed to be music or video! That's how I was taught to do it.

phaze

Thanks for the article hope the noob p2p sharers read this because they are still to dumb to learn new technology! Do you know if you can prevent this worm?