Talking trojan warns users of infection

Share this article:

Researchers have discovered one new strand of malware that has no use for stealth. A trojan that audibly brags to PC users about infecting their computers was found by researchers at Panda Software last month.

The trojan’s most notable feature is a voice message saying, "You have been infected I repeat you have been infected and your system files have been deleted. Sorry. Have a nice day and bye bye."

Called BotVoice.A, the trojan is ranked at medium threat level by Panda Software, which noted that the malware also uses the alias Hira.A.

The trojan prevents users from running BAT, COM, EXE and MP3 files and disables Task Manager and Windows Registry Editor.

It affects Windows XP, 2003, 2000, NT, Millennium Edition, 98 and 95 operating systems. The malware was first discovered by Panda on June 28.

The trojan needs a third-party medium, including email, floppy disks, CD-ROMs, web downloads, FTP, IRC chat and peer-to-peer file sharing networks, to spread and must be downloaded via user interaction, according to an advisory from Panda.

A Panda Software representative could not immediately be reached for comment.

Willy Leichter, director of product marketing at Tumbleweed Communications, a Redwood City, Calif.-based messaging security vendor, told SCMagazine.com today that the hacker responsible for creating this trojan could be showing off the technique for future for-profit use.

"There is still an element out there of the stereotypical hacker in a dark room trying to show the world just how smart he is. But that’s probably more the exception than the rule nowadays," he said. "Playing with audio is something we’ve been worried about. There are any number of ways that you can embed viruses in MP3 files. Maybe they’ll find a way to exploit YouTube."

Get more IT security news. Click here for SC Magazine Labs.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

ISSA tackles workforce gap with career lifecycle program

ISSA tackles workforce gap with career lifecycle program ...

On Thursday, the group launched its Cybersecurity Career Lifecycle (CSCL) program.

Amplification DDoS attacks most popular, according to Symantec

Amplification DDoS attacks most popular, according to Symantec

The company noted in a whitepaper released on Tuesday that Domain Name Server amplification attacks have increased 183 percent between January and August.

Court shutters NY co. selling security software with "no value"

A federal court shut down Pairsys at the request of the Federal Trade Commission.