p2pnet - rss feed: Kazaa - hazardous to your PC’s health
Forty-five percent of executable files files downloaded through Kazaa contain malicious viruses, Trojan horses and backdoors.
The information comes in security firm TruSecure’s 2004 Threat Analysis here.
But because they’re not executable, so far, “music, picture and movie files have not been infected with malicious code,” says Bruce Hughes, director of malicious code research at TruSecure’s ICSA Labs.
“People need to open them through another program, such as a multimedia program like Real Player,” he says, quoted in Wired here. “Hackers are putting Trojans in Kazaa using words like ‘XP,’ ‘crack,’ or ‘porn’ in hopes that they will be picked up by users.”
But sooner or later, someone will find a way to infect movie and music files with malicious executable code, he states. “It’s one of the things that we worry about.”
Of 4,778 files downloaded in one month, Hughes found nearly half contained malicious code, says Wired, going on:
“Some code was designed to infect every file in a computer user’s Kazaa download directory with a virus. Other code would steal users’ AOL Instant Messenger password or install a program on their computer to allow the attacker to surreptitiously send spam through it or otherwise take over the machine remotely to steal personal data and files on the computer.”
Depending on who you listen to, between three and four million users surf Kazaa at any given time. This, says Hughes, makes Kazaa “increasingly attractive as a channel for distributing malware”.
Wild List e-viruse and worm tracker says the number of types of viruses circulating through Kazaa increased 133% in 2003 and this January, it recorded nine different viruses passing through Kazaa, Wired says, continuing:
“Hughes used such keywords as ‘Britney Spears,’ ‘Microsoft XP,’ ‘nude’ and ‘porn’ to choose the files he downloaded on Kazaa, focusing on some of the common files that users might share and the most popular keywords placed in search engines. He looked only at executable files - program files that launch when a user double-clicks them, and that usually end with .exe extensions in the file name. These are the types of files that most often contain malicious code.
“He said a lot of the malicious code he found was embedded in program files that are designed to bypass or break copyright protections placed on software files like Microsoft Office to allow users to share pirated copies of the software.”
But according to Slyck here, Phil Morle, cto of Sharman Networks which owns Kazaa, says, “The number speculated by TruSecure seems absurdly high. Kazaa comes pre-configured with anti-virus software that automatically deletes files which are infected with any kind of malware.
“Kazaa users who accept the default configuration are not only better protected than users of other p2p applications, but are also contributing towards a cleaner, safer pool of shared files.”
So that’s OK, then.
