Skip to navigation
Latest News

VIRUS: p2p worm has eye for the studious

By Matt Whipp

Posted on 10 Sep 2003 at 15:53

Sophos has alerted its customers to the presence of a new worm that spreads through peer-to-peer file-sharing networks.

Blaxe-A is already in the wild and spreads by creating a folder in the system which is available to the KaZaA, Grokster and iMesh peer to peer networks, but is hidden on the infected machine. It copies itself into this folder using a variety of filenames to dupe other users into downloading it.

These can be anything from study guides, cracked games and applications, to pornography. But they are all .exe files. It will also look in the shared folders of KaZaA, KaZaA Lite, BearShare, Grokster and Morpheus apps for executable files and replace them with copies of itself.

When the worm is first executed, it installs a copy of itself to the Windows folder as BearShare.exe and makes a Registry entry to ensure it is run each time the computer is started. It makes further Registry edits to ensure it is run on other occasions.

For more information visit the Sophos website.

Subscribe to PC Pro magazine. We'll give you 3 issues for £1 plus a free gift - click here

From around the web

Be the first to comment this article

You need to Login or Register to comment.

(optional)

Office 365: A complete Guide

advertisement

More From PC Pro
Latest Blog Posts Subscribe to our RSS Feeds
Latest ReviewsSubscribe to our RSS Feeds
Latest Real World Computing

advertisement

Sponsored Links
 
SEARCH
SIGN UP

Your email:

Your password:

remember me

Create an account

advertisement


Hitwise Top 10 Website 2010
 
 

PCPro-Computing in the Real World Printed from www.pcpro.co.uk

Register to receive our regular email newsletter at http://www.pcpro.co.uk/registration.

The newsletter contains links to our latest PC news, product reviews, features and how-to guides, plus special offers and competitions.