Killjoy Trojan deletes warez and smut
Print storyVigilante malware
Posted in Anti-Virus, 17th May 2006 11:57 GMT
Free whitepaper – Certify your software integrity with Thawte code signing certificates
Virus writers have created a Trojan that deletes illicit files from compromised Windows PCs in addition to harvesting data from infected machines.
Erazer-A is spreading (albeit modestly) across P2P networks, where it poses as useful program files, or through chat programs.
If executed, the malware scours folders used for P2P apps for AVI, MP3, MPEG, WMV, GIF, ZIP and other files. It then erases any porn, warez, music or any other matching file type found in P2P directories before dropping copies of itself (using names such as names such as game.exe, goporn.exe, nero7.exe and officexpcrack.exe) in the shared folders of peer-to-peer (P2P) applications.
Erazer-A also turns off security applications running on the compromised machine. More information on the malware, and how to defend against it, can be found in an analysis by UK-based anti-virus firm Sophos here. ®
Free whitepaper – Vulnerability management buyer's checklist
The business case for application security
Reducing messaging and web security costs with managed services
Vulnerability management buyer's checklist
Extended Validation SSL Certificates
The best practices guide for application security
Feds: Hospital hacker's 'massive' DDoS averted
Buggy 'smart meters' open door to power-grid botnet
Microsoft knew of nasty IE bug a year before attacks
BlockMaster SafeStick hardware-encrypted USB drive