Talking trojan warns users of infection

Share this article:

Researchers have discovered one new strand of malware that has no use for stealth. A trojan that audibly brags to PC users about infecting their computers was found by researchers at Panda Software last month.

The trojan’s most notable feature is a voice message saying, "You have been infected I repeat you have been infected and your system files have been deleted. Sorry. Have a nice day and bye bye."

Called BotVoice.A, the trojan is ranked at medium threat level by Panda Software, which noted that the malware also uses the alias Hira.A.

The trojan prevents users from running BAT, COM, EXE and MP3 files and disables Task Manager and Windows Registry Editor.

It affects Windows XP, 2003, 2000, NT, Millennium Edition, 98 and 95 operating systems. The malware was first discovered by Panda on June 28.

The trojan needs a third-party medium, including email, floppy disks, CD-ROMs, web downloads, FTP, IRC chat and peer-to-peer file sharing networks, to spread and must be downloaded via user interaction, according to an advisory from Panda.

A Panda Software representative could not immediately be reached for comment.

Willy Leichter, director of product marketing at Tumbleweed Communications, a Redwood City, Calif.-based messaging security vendor, told today that the hacker responsible for creating this trojan could be showing off the technique for future for-profit use.

"There is still an element out there of the stereotypical hacker in a dark room trying to show the world just how smart he is. But that’s probably more the exception than the rule nowadays," he said. "Playing with audio is something we’ve been worried about. There are any number of ways that you can embed viruses in MP3 files. Maybe they’ll find a way to exploit YouTube."

Get more IT security news. Click here for SC Magazine Labs.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.