Hundreds of thousands of examples of a new Trojan that poses as a media file have flooded onto P2P networks.

Since Friday 2 May more than half a million instances of the Trojan have been detected on consumer PCs, according to net security firm McAfee. The anti-virus firm reports the spread of the Downloader-UA.h Trojan as the most significant malware outbreak in the last three years.

McAfee reckons miscreants loaded hundreds of rigged MP3 and MPEG files onto popular file-swapping services such as Limewire and eDonkey. The files are all named differently (in multiple languages) and vary in size in order to make them appear like legitimate music or video files. Attempting to play one of the malicious files will trigger the download of an application named "PLAY_MP3.exe" that serves ads onto infected Windows PCs.

McAfee rates the threat "medium" risk. No other malware has received that risk rating since 2005. It advises consumers to adopt safe surfing practices, such as running up-to-date security software and taking care in downloading content from untrusted sources to avoid getting hit.

A blog posting by McAfee Avert Labs threat researcher Craig Schmugar, explaining the threat in greater detail, can be found here. ®

Related stories

• Storm worm botnet turns into April shower (1 May 2008)
• Virus writers charged with copyright violation (24 January 2008)
• Malware hitches a ride on digital devices (11 January 2008)
• VXers target online video (1 November 2006)
• Spyware infection prompts McDonalds MP3 recall (16 October 2006)
• Killjoy Trojan deletes warez and smut (17 May 2006)
• Trojan targets World of Warcraft gamers (8 May 2006)
• Trojan uses smut to filch bank details (5 May 2006)
• Trojans exploit Windows DRM loophole (13 January 2005)
• Altnet wakes up as worm spreads through KaZaA (20 May 2002)