Feeds

MP3 zapping malware worms onto P2P network

Vigilante virus

  • alert
  • submit to reddit

Intelligent flash storage arrays

Vigilante virus writers have launched an offensive against file traders with the release of a worm that deletes MP3 files on infected PCs.

The Nopir-B worm, which appears to have originated in France, poses on P2P networks as a program to make copies of commercial DVDs. In reality the application offers no such function. Instead it attempts to delete MP3 music files on infected PCs. Nopir-B also attempts to disable various system utilities and wipe .COM programs whilst displaying an anti-piracy graphic. Nopir-B only infects Windows machines.

"The Nopir-B worm targets people it believes may be involved in piracy, but fails to discriminate between the true criminals and those who may have legally obtained MP3 files. Whichever side of the fence you come down on in regards to internet piracy, there's no debate about the criminal nature of this worm," said Graham Cluley, senior technology consultant for Sophos.

Malware capable of zapping MP3 files is rare but not unprecedented. The Klez-F worm, for example, which was widespread in 2002, overwrote MP3 files (and other file types) on certain days of the month. The Scrambler worm was programmed to scramble MP3 files to sound like a scratched record while the Mylife-G worm overwrote MP3 files with the words "my lIfE".

Nopir-B is slightly unusual in this category because it spreads on P2P network, albeit modestly. Few copies of the worm have been spotted and it poses only a low risk. ®

Related stories

Klez tops virus charts again
Fizzer stealth worm spreads via KaZaA
Altnet wakes up as worm spreads through KaZaA

Top 5 reasons to deploy VMware with Tegile

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.