File sharing infects 500,000 computers

McAfee reveal details on what it calls the most significant malware outbreak since 2005, as peer-to-peer networks look under threat.

McAfee has reported what it claims is the most significant malware outbreak in three years, with more than 500,000 detections of a Trojan horse which masquerades as a media file.

A number of fake video and music files have been deliberately spread over peer-to-peer file sharing services like Limewire and eDonkey. These were malicious MP3 and MPEG files triggering the download of an application which served ads to the infected computer.

"People were downloading these files hoping it was music, but it was a media file format that allowed you to link to another site where you downloaded additional files," said Toralv Dirro, security strategist at McAfee Avert Labs.

"Those files downloaded turned out to adware that in some cases even asked the user to accept an end user licence agreement prior to installing."

McAfee saw this as 'medium' risk, with no other malware receiving that risk rating since 2005 as all others were rated less severe.

The security vendor claimed that it was the most prevalent piece of malware in the last three years, and that it had never seen a threat this significant come as a media file.

The huge figure came from retail users that had the option to submit data on what viruses and adware was detected on their computer to McAfee and made publicly available.

Dirro said: "We are currently seeing that the distribution is still going on. It is now at about 580,000 where files have been detected, so people are continuing to download and share these files."

The strategist said that these only reported the incidents that were actually detected, and the real number of users and computers affected would be much higher.

He said that although the damage in this case was not too serious as it was only adware, it could have been much worse and what McAfee were now afraid of in the future was attackers with a more sinister agenda.

"They could try and copycat this attempt as they have seen it is a very successful way to distribute malware," Dirro said. "In the future we are pretty much expecting this distribution method a lot more."

Dirro said that instead of pointing to adware, it could lead users to spyware which would instead try to steal people's data. Instead of being a multimedia file it could take the form of a directly executable one.

"It has happened in the past, but not anywhere close to this scale," Dirro said of the peer-to-peer nature of the attack.

Featured Resources

How to choose an AI vendor

Five key things to look for in an AI vendor

Download now

The UK 2020 Databerg report

Cloud adoption trends in the UK and recommendations for cloud migration

Download now

2021 state of email security report: Ransomware on the rise

Securing the enterprise in the COVID world

Download now

The impact of AWS in the UK

How AWS is powering Britain's fastest-growing companies

Download now

Recommended

HackBoss malware is using Telegram to steal cryptocurrency from other hackers
cryptocurrencies

HackBoss malware is using Telegram to steal cryptocurrency from other hackers

16 Apr 2021
Ransomware criminals look to other hackers to provide them with network access
ransomware

Ransomware criminals look to other hackers to provide them with network access

17 Jun 2021
CVS Health data breach leaves a billion records exposed
data protection

CVS Health data breach leaves a billion records exposed

16 Jun 2021
Four in five ransomware victims suffer repeat attacks
ransomware

Four in five ransomware victims suffer repeat attacks

16 Jun 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

16 Jun 2021
Ten-year-old iOS 4 recreated as an iPhone app
iOS

Ten-year-old iOS 4 recreated as an iPhone app

10 Jun 2021
What is HTTP error 400 and how do you fix it?
Network & Internet

What is HTTP error 400 and how do you fix it?

16 Jun 2021