Language Selection

English French German Italian Portuguese Spanish

Worm poses as pirated 'Grand Theft Auto'

Filed under
Security

A worm that targets gamers is making the rounds, tapping into popular titles and peer-to-peer file sharing, a security company has warned.

The worm, Hagbard.A, tries to disguise itself on peer-to-peer networks as pirated downloads of the popular games titles "Grand Theft Auto: San Andreas," "Need for Speed Underground 2" and 400 other programs, Sophos said in an advisory released on Friday.

The downloaded program will copy itself to the file-sharing folder on the compromised PC and attempt to spread using Windows Messenger. An instant message sent to others on the service contains a link to the worm and reads: "please download this...its only small brb."

"Because this worm can arrive in the form of an instant message, some users may be fooled into thinking it has come from a friend or colleague, rather than a virus on their PC," Graham Cluley, senior technology consultant for Sophos, said in a statement.

In addition, Hagbard puts a new twist on instant-messaging worms, security experts said, because it installs a Web server program on the infected computer. That could enable malicious attackers to gain remote access to data.

"This one has an interesting behaviour," said Art Gilliland, director of product management at IMLogic, an instant-messaging security provider. "It downloads a Web server to give someone remote access, which is more malicious than the spyware or adware that gets downloaded onto systems from other IM worms."

More of these malicious IM worms may be in the works, as virus writers go from testing the technology to putting it into full-scale use, Gilliland added.

Although Hagbard carries a different bite than other worms, it has not spread as rapidly as other viruses, security experts said.

"We haven't seen a larger number of reports. But that may not be surprising, because most of our customers are enterprises," Cluley said, noting that Hagbard's prevalence is currently rated low. "If it does break out, it will likely be a problem with home users, because most companies prohibit file sharing."

By Dawn Kawamoto
ZDNet

More in Tux Machines

Games and CrossOver

Red Hat and Fedora

Android Leftovers

Leftovers: OSS and Sharing

  • CoreOS Tectonic Now Installs Kubernetes on OpenStack
    CoreOS and OpenStack have a somewhat intertwined history, which is why it's somewhat surprising it took until today for CoreOS's Tectonic Kubernetes distribution to provide an installer that targets OpenStack cloud deployments.
  • Docker and Core OS plan to donate their container technologies to CNCF
    Containers have become a critical component of modern cloud, and Docker Inc. controls the heart of containers, the container runtime. There has been a growing demand that this critical piece of technology should be under control of a neutral, third party so that the community can invest in it freely.
  • How Blockchain Is Helping China Go Greener
    Blockchain has near-universal applicability as a distributed transaction platform for securely authenticating exchanges of data, goods, and services. IBM and the Beijing-based Energy-Blockchain Labs are even using it to help reduce carbon emissions in air-polluted China.
  • An efficient approach to continuous documentation
  • The peril in counting source lines on an OSS project
    There seems to be a phase that OSS projects go through where as they mature and gain traction. As they do it becomes increasingly important for vendors to point to their contributions to credibly say they are the ‘xyz’ company. Heptio is one such vendor operating in the OSS space, and this isn’t lost on us. :) It helps during a sales cycle to be able to say “we are the a big contributor to this project, look at the percentage of code and PRs we submitted”. While transparency is important as is recognizing the contributions that key vendors, focus on a single metric in isolation (and LoC in particular) creates a perverse incentive structure. Taken to its extreme it becomes detrimental to project health.
  • An Open Source Unicycle Motor
    And something to ponder. The company that sells this electric unicycle could choose to use a motor with open firmware or one with closed firmware. To many consumers, that difference might not be so significant. To this consumer, though, that’s a vital difference. To me, I fully own the product I bought when the firmware is open. I explain to others that they ought to choose that level of full ownership whenever they get a chance. And if they join a local makerspace, they will likely meet others with similar values. If you don’t yet have a makerspace in your community, inquire around to see if anyone is in the process of forming one. Then find ways to offer them support. That’s how we do things in the FOSS community.
  • The A/V guy’s take on PyCon Pune
    “This is crazy!”, that was my reaction at some point in PyCon Pune. This is one of my first conference where I participated in a lot of things starting from the website to audio/video and of course being the speaker. I saw a lot of aspects of how a conference works and where what can go wrong. I met some amazing people, people who impacted my life , people who I will never forget. I received so much of love and affection that I can never express in words. So before writing anything else I want to thank each and everyone of you , “Thank you!”.
  • Azure Service Fabric takes first tentative steps toward open source [Ed: Microsoft Peter is openwashing a patent trap with back doors]
  • Simulate the Internet with Flashback, a New WebDev Test Tool from LinkedIn
  • Mashape Raises $18M for API Gateway Tech
    Casado sees Mashape's Kong API gateway in particular as being a particularly well positioned technology. Kong is an open-source API gateway and microservice management technology.
  • PrismTech to Demonstrate Open Source FACE 2.1 Transport Services Segment (TSS) Reference Implementation at Air Force FACE Technical Interchange Meeting
    PrismTech’s TSS reference implementation is being made available under GNU Lesser General Public License (LGPL) v3 open source license terms.
  • How Open-Source Robotics Hardware Is Accelerating Research and Innovation

    The latest issue of the IEEE Robotics & Automation Magazine features a special report on open-source robotics hardware and its impact in the field.