Fake MP3 attack hits 360,000 PCs

By Shaun Nichols on May 9, 2008 9:47 AM
Filed under Networks

Attackers are using fake MP3 files to launch one of the largest malware attacks in recent years, experts warned today..

The social engineering attacks purport to offer MP3 files or Mpeg movie files.

On downloading and launching the file, the user is prompted to launch an executable called 'play_mp3.exe' which installs adware.

Instead of a movie or song, the user gets a pair of adware tools for the Firefox web browser. If the user does not have Firefox installed, an error message asks the user to install the software.

McAfee researcher Craig Schmugar explained that the fake files have been traced to the fastmp3player.com domain. McAfee has detected the attacks on more than 360,000 machines, including more than 120,000 in the past 24 hours.

"This is one of the most prevalent pieces of malware in the past three years, " he said. "We have never had a threat this significant that arrives as a media file."

The malware launches a multimedia tool which Schmugar described as "simply a browser control wrapped in an executable".

"In the end you are left with a fake MP3 file taking up space, a worthless MP3 player, and adware that displays popup and pop-under ads," he said.

fake, mp3, attack, hits, 360000, pcs

Ads by Google

What are your thoughts on this article? Add your comment below.

To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.

NOTE: You must be a registered member of SC Magazine to post a comment.

Click here to login | Click here to register

comments powered by Disqus