'Potter-mania' fuels spread of NetSky-P

Worm - like Voldemort - just won't die

The frenzy surrounding the latest Harry Potter cinematic offering is helping to keep the prevalent NetSky-P worm alive.

Almost three months on from the first sighting of NetSky-P back in late March the worm still poses a significant threat. El Reg inboxes are bombarded with hundreds of copies of the worm each day and we're far from alone. AV firm Sophos places NetSky-P as the second most common irritant last month, second only to the infamous Sasser worm. Unlike Sasser, which infects computers without any user interaction, NetSky-P has to tempt PC users into launching an infected file. Netsky-P worm spreads via email and file-sharing systems.

Sophos reckons NetSky-P owes some of its continued 'success' to its ability to disguise itself as a Harry Potter computer game when spreading on file-sharing systems. With the first screening of Harry Potter and the Prisoner of Azkaban this week, Potter fans - eager to play the latest games - seem to be dropping their guard.

Netsky-P echoes the four year-old Pikachu worm in targeting young people by using a fictional kid's character. It's far from the first time virus writers have used the references to Harry Potter in inducements to open malicious code. Winur-C and Banuris-B posed as cracks to computer games involving the young wizard in their attempts to ensnare the unwary. Forlorn-D posed as a movie clip from Harry Potter And The Sorcerors Stone (sic), among other things. ®

Related stories

Viruses up - or down
Netsky tops virus charts by a country mile
Trust me I'm clean, claims virus
Warner Bros scraps Harry Potter legal actions

Sponsored: Designing and building an open ITOA architecture