Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Large media file Trojan outbreak

McAfee : 08 May, 2008  (Technical Article)
Music and video files available on file sharing sites carry Trojan horse with more than half a million infections detected so far.
McAfee Avert Labs reported on Tuesday the most significant malware outbreak in three years with more than 500,000 detections of a Trojan horse masquerading as a media file.

Since Friday May 2nd more than half a million instances of the Trojan have been detected on consumer PCs running. The malicious MP3 music or MPEG video files have appeared on popular file-sharing services such as Limewire and eDonkey.

McAfee rates the threat 'medium' risk. No other malware has received that risk rating since 2005. All other threats since then were rated lower on the severity scale.

'This is one of the most prevalent pieces of malware in the last three years,' said Craig Schmugar, threat researcher at McAfee Avert Labs. 'We have never before had a threat this significant that arrives as a media file.'

Cybercrooks loaded hundreds of rigged MP3 and MPEG files onto file-swapping services. The files are all named differently in multiple languages and vary in size to make them appear like legitimate music or video files. Attempting to play one of the malicious files will trigger the download of an application named 'PLAY_MP3.exe' that will serve ads to the infected computer.
McAfee identifies the Trojan horse as 'Downloader-UA.h.'

Some of the sample names used by the malicious media files include 'preview-t-3545425-adult.mpg' ; 'preview-t-3545425-changing times earth wind .mp3' ; 'preview-t-3545425-girls aloud st trinnians.mp3' ; 'preview-t-3545425-jij bent zo jeroen van den.mp3' ; 't-3545425-lion king portugues.mpg' and 't-3545425-los padres de ella.mpg'

Consumers should take care downloading content from untrusted sources and use security software to protect against malicious files.

McAfee Avert Labs Threat Researcher Craig Schmugar provides more technical details of this threat on the Avert Labs blog:
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo