KaZaa users warned of p2p worm

Share this article:

Researchers are warning peer-to-peer (p2p) application users of a new proof-of-concept virus that acts similarly to the W97M/Melissa malware.

The virus, MSH/Cibyz, which is based on Windows PowerShell, was released by members of the RRLF virus group, according to an advisory from McAfee.

PowerShell is a command line shell and scripting language that runs on Microsoft XP, Windows Server 2003, Vista and Longhorn operating systems.

The malware is a low risk to home and corporate users, according to a McAfee advisory. However, it can create a copy of itself in the Windows system directory and then modifies registry keys so users cannot view hidden files and extensions.

The virus also randomly sets Internet Explorer's start page and propagates by dropping a copy of itself in Shared KaZaa folders, according to an advisory in McAfee's Threat Center.

Microsoft confirmed in the existence of the PoC worm on Saturday by a posting on its Most Valuable Professional website.

FaceTime Communications also released an advisory for the worm this week. A company representative declined comment on the malware.

Ron O'Brien, senior security analyst at Sophos, said today that malware attacking applications like KaZaa are something his company is "seeing more and more."

"I think this is making KaZaa a potentially unwanted application," he said. "Once you open up that peer-to-peer tunnel, anything can come through."

Share this article:

Sign up to our newsletters

More in News

POS malware risks millions of payment cards for Michaels, Aaron Brothers shoppers

POS malware risks millions of payment cards for ...

An investigation dating back to January has finally confirmed that malware on point-of-sale systems may have compromised payment card data for millions of Michaels Stores and Aaron Brothers customers.

Phishing scam targets Michigan public schools

Unknown attackers used the finance director's email account to request wire transfers from the school district's accounting department.

Contempt order against Lavabit still stands, appeals court rules

Contempt order against Lavabit still stands, appeals court ...

A federal appeals court backed an earlier ruling penalizing the email service.