McAfee Avert Labs reports of more than 600,000 VirusScan Online users detecting an executable trojan in what it calls the most significant malware outbreak since 2005.
Every file-sharer is hopefully well aware of the dangers of unknown executable files. The importance of this knowledge was proved again recently following a report on the McAfee Avert Labs blog that more than 600,000 McAfee VirusScan Online users detected a Trojan horse masquerading as a media file on a number of P2P and file-sharing networks.
Called the most significant malware outbreak since 2005, some 28% of the 2 million plus PCs scanned in the past 7 days are reported to be infected with the Trojan referred to as Downloader-UA.h.
Apparently what happens is that when a user attempts to play one of the bogus .MP3 or .MPEG files, they’re instead directed to download a file named “PLAY_MP3.exe.”
Once PlayMP3.exe from PlayMP3z.biz is installed, “…you’re left with a fake MP3 file taking up space, a worthless MP3 player, adware that claims not only to not display popups, but also to block them, and more adware that successfully displays popup and popunder ads,” the blog post reads.
The following is a list of some of the sample names that have been seen so far:
preview-t-3545425-adult.mpg
preview-t-3545425-changing times earth wind .mp3
preview-t-3545425-girls aloud st trinnians.mp3
preview-t-3545425-heartbroken fast t2 ft jodie.mp3
preview-t-3545425-jij bent zo jeroen van den.mp3
preview-t-3545425-meet bambi in kings harem.mp3
preview-t-3545425-middle eastern chick.mpg
preview-t-3545425-paint me bunmingham.mp3
preview-t-3545425-paralyized by you.mp3
preview-t-3545425-pull over levert.mp3
preview-t-3545425-say it right remix.mp3
preview-t-3545425-st trinnians girls aloud.mp3
preview-t-3545425-theme godfather.mp3
t-3545425-bentley bizzle.mp3
t-3545425-dx vs randi orton 2007.mpg
t-3545425-haloween special.mp3
t-3545425-just got lucky.mp3
t-3545425-lion king portugues.mpg
t-3545425-los padres de ella.mpg
t-3545425-para sayo freestyle.mp3
t-3545425-peanut butter jelly amende.mp3
t-3545425-stare at sun thrice.mp3
t-3545425-suicide bride dana.mp3
t-3545425-wayne and jane.mp3
As usual it’s important to NEVER, EVER install(or execute) unknown files.
[Via Cnet]
Related Posts
- Skype teams up with McAfee
- Man Arrested for Running Botnet
- Ferret out fake BitTorrent trackers with Fake Finder
- LimeWire 4.8.0
- Trojan Removes P2P Downloads
Loading ...
First of all you can tell by the titles that they are not songs (at least not any that I know of). Secondly if Media Pla yer Winamp or any other pla yer that you already have installed doesn’t play it it’s not an MP3 file. And the MPGS are obviously references to porn: the shit that catches a lot flies.
Any file that has .exe after it is dangerous if uninvited so don’t EVER click on it. I scan ALL files with my virus program even those that I purposely want to install.
Hate to say it but anyone who falls for this is REALLY computer illiterate.
@Burd
I hear you man but with 600000 people reportedly downloading the thing it’s definitely worth mentioning….
This is the same sort of malware that finds its way onto certain sites with equally questionable content. I guess these bozos think that because the user is doing something “Wrong” that it’s ok to send them spyware.
Most of the victims will be young kids who only see free music. They won’t have a full deck of cards when it comes to computer security all they see is MP3 or MPG. I think we all know who’s spreading this vile filth. Can’t someone send them a letter with a bit of flour inside?