0 Replies Latest reply on May 7, 2008 8:56 AM by HarryWaldron

    Avert Medium Threat Advisory -- Fake MP3 malware P2P attacks

      While this is more applicable to home users, I haven't seen a threat rated as MEDIUM for a while. This one is apparently circulating extensively. It appears to affect folks participating on P2P networks, which are always dangers with respect to malware and copyright concerns.

      All users need avoid the site: fastmp3player (dot ) com

      Avert Medium Threat Advisory -- Fake MP3 malware P2P attacks
      http://www.avertlabs.com/research/blog/index.php/2008/05/06/fake-mp3s-running-ra mpant/
      http://www.avertlabs.com/research/blog/index.php/2008/05/07/yet-even-more-fake-m edia-files/
      http://blastmagazine.com/2008/05/mcafee-identifies-downloader-uah-first-medium-r isk-malware-in-three-years/

      QUOTE: Detection of a trojan named Downloader-UA.h was added to the McAfee DAT files several days ago. Since that time more than 360,000 McAfee VirusScan Online users have reported detections, a whopping 32% of those reporting in the past 24 hours alone. Now Downloader-UA.h is not your everyday trojan, this detection covers fake music and video files associated with *** MALIOUS URL REMOVED ***

      When a user attempts to load one of these MP3 and MPG files, they don’t get the music/video they were hoping for; instead they’re directed to download a file named PLAY_MP3.exe. In fact, the MP3/MPG file they downloaded was completely fake, playing no media clip what so ever.