Trend Micro Discourages Content Downloading from P2P Networks
Security researchers at Trend Micro have recently unearthed a new PC worm that propagates via peer-to-peer (P2P) networks, similar to the threat that shows warnings of copyright violations.
The newly discovered worm by Trend Micro, WORM_PITUPI.K, very well addresses the classic problem faced by P2P worms i.e. hard-coded filenames used to deceive users by masquerading as key generators, cracks, or authentic software.
However, there's a major issue associated with the use of hard-coded technique and that is with the software becoming outdated, the malware also becomes outdated. But this new worm goes past this issue. It makes use of recently launched software by establishing link with The Pirate Bay website every single it gets executed. The worm then drops its copies into peer-to-peer shared folders in the form of files using the names of top 100 games and top 100 software. According to Trend Micro, even almost 200 copies may be created upon each execution.
The worm is found to spread via removable drives over the P2P networks including BitComet, eMule, Kazaa, FrostWire, Lphant, Bearshare, Limewire, and Shareaza.
It has fairly high distribution potential. While dropping its own copy, it drops an AUTORUN.INF file also, so as to ensure the automatic execution of its copy, each time the removable drives are used.
Unfortunately, in underground markets, the copies of the source code of malware are available free of cost. These can also be enhanced by malware developers to include other malevolent payloads like backdoor capabilities and downloading routines.
Consequently, Trend Micro advises users not to download media content or software from warez websites and P2P networks. Moreover, as this worm is able to propagate through removable drives, it is better to inactivate the AutoRun feature.
On a concluding note, it can be said that the threat predicted by security firm Kaspersky in regard to P2P networks is turning out true. The firm predicted that in 2010 there will be a shift in the kinds if attacks on netizens, from websites and software-based attacks towards attacks emanating from file-sharing networks.
Related article: Trend Micro Detects Spam Mail Declaring World War III
» SPAMfighter News - 25-05-2010