A McAfee report shows that a number of MP3 files are infected with Trojan horses

May 7, 2008 09:59 GMT

Over the past few years, many users have come to realize how skillful and dangerous a hacker can be. It seems that almost anything you do on the web can infect your personal computer. Yesterday, security vendor McAfee reported that a large number of fake MP3 files are being spread on peer-to-peer networks. The announcement is meant to help users realize that they can get their PCs infected just by downloading a simple MP3 file.

After downloading the media file, which can be in either MP3 or MPG format, users who try to play it are prompted to download a file dubbed "PLAY_MP3.exe". Victims should realize that the downloaded "music" or "video" file is actually fake and that no media will be played. McAfee users will be fully protected against this Trojan horse after a virus definitions update. If you come into contact with any of these files, McAfee Antivirus will recognize it as a Trojan horse dubbed Downloader-UA.h.

McAfee has published a list of sample files that are infected with this Trojan. The list can be found on McAfee's website, along with a general description of how the Trojan horse works. The fake file names follow this form: preview-t-3545425-adult.mpg, t-3545425-bentley bizzle.mp3, t-3545425-stare at sun thrice.mp3.
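As an added example (not from McAfee or the original article), the following script triages a download folder for the file-name form listed above, for the "PLAY_MP3.exe" installer name, and for .mp3/.mpg files whose first bytes are not a real media header. The function names are hypothetical; it assumes that the numeric ID in the name can vary and that the fake files do not begin with a genuine MP3 or MPEG header, neither of which the article states.

```python
import re
from pathlib import Path

# Name form generalized from the article's three samples. Assumption: the
# numeric ID may vary (the article only shows 3545425).
LURE_NAME = re.compile(r"^(preview-)?t-\d+-.+\.(mp3|mpg)$", re.IGNORECASE)

def matches_lure_name(name: str) -> bool:
    return LURE_NAME.match(name) is not None

def has_media_header(head: bytes, ext: str) -> bool:
    """Heuristic: do the first bytes look like the format the extension claims?"""
    if ext == ".mp3":
        # ID3v2 tag, or an MPEG audio frame sync (11 set bits)
        return head[:3] == b"ID3" or (
            len(head) >= 2 and head[0] == 0xFF and (head[1] & 0xE0) == 0xE0)
    if ext == ".mpg":
        # MPEG program stream pack header or video sequence header
        return head[:4] in (b"\x00\x00\x01\xba", b"\x00\x00\x01\xb3")
    return True  # other extensions are out of scope here

def triage(folder) -> list:
    """Return (file name, reasons) for every suspicious file in folder."""
    findings = []
    for path in sorted(Path(folder).iterdir()):
        if not path.is_file():
            continue
        reasons = []
        if path.name.upper() == "PLAY_MP3.EXE":
            reasons.append("installer name from the report")
        if matches_lure_name(path.name):
            reasons.append("name matches reported form")
        ext = path.suffix.lower()
        if ext in (".mp3", ".mpg"):
            with path.open("rb") as fh:
                # Assumption: a fake file lacks a genuine media header.
                if not has_media_header(fh.read(4), ext):
                    reasons.append("content is not " + ext[1:].upper())
        if reasons:
            findings.append((path.name, reasons))
    return findings

if __name__ == "__main__":
    import sys
    for name, reasons in triage(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{name}: {'; '.join(reasons)}")
```

A name match alone is only a lead, and the header check can miss a genuine MP3 that starts with padding, so treat the output as a list of files to inspect rather than a verdict.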

The announcement was made by McAfee researcher Craig Schmugar, who said that he was particularly interested in the complexity of this scheme. Running "PLAY_MP3.exe" brings up a 4,800-word EULA, which users must agree to in order to proceed to the next step. After the OK button is pressed, the Trojan horse installs two applications, Mirar and NetNucleus, on the user's PC. The Mirar program is displayed in a normal window, while NetNucleus comes in the form of a popup.

[Images: a part of the list with the names of the infected files; the Trojan horse installer interface]