Trojan adware hiding in MP3s, McAfee says
Adware pushers have found a new way to trick you into downloading their annoying
products: fake MP3 files.
On Tuesday, security vendor McAfee reported that it's seen a huge spike in
fake MP3 files spreading on peer-to-peer networks. Although the files have names
that make them look like audio recordings, they're really Trojan horse programs
that try to install a shoddy media player and adware on your computer, said
Craig Schmugar, a researcher with McAfee.
"Once you run it, there is no content. You're taken to this site to install
this player which you don't really need," he said.
Fake file names include: preview-t-3545425-changing times earth wind .mp3 and
t-3545425-just got lucky.mp3. Schmugar listed more filenames, as well as details
on the adware, in a Tuesday
blog posting.
Users are first asked to OK an end-user license agreement before the Trojan installs the Mirar toolbar and two other components, called FBrowsingAdvisor & SurfingEnhancer.
Ironically, while Mirar tells users that it doesn't display popups, the FBrowsingAdvisor & SurfingEnhancer software do deliver popup ads, so users who do not realize that they are installing several programs might feel tricked, Schmugar said. "You have a Window telling you that there are no popups and right behind it is a popup."
Although McAfee has seen some nasty software disguising itself as media files
in the past, it has never seen anything on this scale, Schmugar said. Over the
past 24 hours, nearly a third of the McAfee customers who reported data back
to the security company have detected these files, he said.
In the past few days McAfee has spotted the files on more than 360,000 users'
desktops.
IDG News Service
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
