p2pnet - rss feed: Kazaa p2p worm
p2pnet.net News:- Virus writers have created an experimental form of malware which tries to spread via Sharman Networks’ Kazaa, the p2p application which itself has been identified as a threat to users.
“Cibyz was developed by the same Austrian VXers who developed proof of concept malware targeting Microsoft Command Shell (MSH) technology, later renamed PowerShell,” continues The Register.
“Although the technique used to develop the Cibyz worm is novel, its propagation techniques are all too familiar. The worm attempts to spread via the Kazaa P2P file sharing application by posing as one of a variety of useful utilities. Users who attempt to open these illicit files (scripts) will find themselves infected. However, the worm does little damage apart from dropping a copy of itself in shared folders used by Kazaa.
“The malware isn’t spreading. Anti-virus firms classify Cibyz as a low-risk threat.”
Kazaa has, however, been extremely high-risk for thousands being used as it was, and presumably still is, by victims in the RIAA sue ‘em all marketing campaign.
And, “Sharman Networks claims that Kazaa has ‘NO SPYWARE’, based on a highly restricted definition of spyware (namely, that no personally identifiable information is sent by the program),” says StopBadware.org. “However, Kazaa’s installation includes several bundled programs that are considered spyware under the common definition of spyware as software that subverts the computer’s operation for the benefit of a third party (see Anti-Spyware Coalition and Wikipedia’s article on ‘Spyware’.”
John Palfrey, executive director of the Berkman Center and Harvard clinical professor of law, and Jonathan Zittrain, Harvard law visiting professor and professor of Internet governance and regulation at Oxford University, are StopBadware.org co-directors. Supporting them are an advisory board and working group comprising experts such as Net pioneers Esther Dyson and Vint Cerf.
Meanwhile, “The worm doesn’t exploit a specific security hole in PowerShell,” says CNET News. “Instead, it abuses the product’s ability to execute scripts by attempting to trick users into downloading and running malicious code. To do this, it uses a series of product names that may be attractive to Kazaa users. If run, the worm will overwrite some file types, change registry details and place itself in the machine’s Kazaa shared folder in order to spread.”
Sharman Networks, which based much of its marketing efforts on fallacious support of the p2p community, recently achieved its ambition of linking up with the corporate entertainment cartels.
Also See:
The Register - Worm targets Windows PowerShell script, August 1, 2006
high-risk for thousands - RIAA sues another grandma, August 1, 2006
CNET News - Hackers try to crack Windows PowerShell, August 1, 2006
achieved its ambition - Kazaa, MPAA alliance, July 27, 2006
p2pnet newsfeeds for your site.
rss feed: http://p2pnet.net/p2p.rss
Mobile - http://p2pnet.net/index-wml.php
