PandaLabs Report Discusses Movie Trojan and Other Worms
A PandaLabs report informs about a dangerous Trojan called Harrenix.A that acts falsely as a trailer for the Harry Potter movie to infect end users' computers. It also discusses two other worms, Moaphie.A and Trixcu.A and the Trojan Suarabh.A.
Trojan Harrenix.A enters computers pretending to be a trailer for the much-anticipated Harry Potter film. But when the user opens the file, there is no movie, instead the Trojan contaminates the system. To prevent any suspicion, the file displays an error message, which says that since a certain codec is absent, it is not possible to show the video. Then it recommends the user to go to the official movie website.
Although the final Harry Potter book, "Harry Potter and the Deathly Hallow" is due for release on July 21, 2007, fans still can't resist their temptation to read the copy via a USB drive that supposedly has the manuscript.
While readers are eagerly waiting for the Harry Potter novel, hackers seem to get new work to do. According to warnings by security firms, the hackers are circulating computer worms that are exploiting the Potter-mania worldwide and proclaiming the death of Harry, as published by Smarthouse on June 29, 2007.
The worm was spotted just a few days after a hacker apparently disclosed key portions of the story of the Harry Potter novel. The Harry Potter worm posed as the manuscript of "Harry Potter and the Deathly Hallows".
Earlier, there had been a similar instance with the movie "Pirates of the Caribbean". Cyber crooks exploit people's interest in such films and entice them to open the video files that actually contain malicious code, explained Luis Corrons, technical director of PandaLabs, according to news reported by Govtech.com on June 27, 2007.
On executing the other worm mentioned in the report, Trixcu.A, an error message pops up. This worm carries out malicious activities on the infected computer, like copying itself onto the system and altering the Windows Registry, by which, it auto-runs every time the computer starts up.
The worm also attempts to change the registered name of the company to which the OS (Operating System) belongs. And it spreads by copying itself onto the mapped drives on the PC.
Related article: PandaLabs Reports a Trojan and Two Worms
» SPAMfighter News - 11-07-2007