Language Selection

English French German Italian Portuguese Spanish

Worm poses as pirated 'Grand Theft Auto'

Filed under
Security

A worm that targets gamers is making the rounds, tapping into popular titles and peer-to-peer file sharing, a security company has warned.

The worm, Hagbard.A, tries to disguise itself on peer-to-peer networks as pirated downloads of the popular games titles "Grand Theft Auto: San Andreas," "Need for Speed Underground 2" and 400 other programs, Sophos said in an advisory released on Friday.

The downloaded program will copy itself to the file-sharing folder on the compromised PC and attempt to spread using Windows Messenger. An instant message sent to others on the service contains a link to the worm and reads: "please download this...its only small brb."

"Because this worm can arrive in the form of an instant message, some users may be fooled into thinking it has come from a friend or colleague, rather than a virus on their PC," Graham Cluley, senior technology consultant for Sophos, said in a statement.

In addition, Hagbard puts a new twist on instant-messaging worms, security experts said, because it installs a Web server program on the infected computer. That could enable malicious attackers to gain remote access to data.

"This one has an interesting behaviour," said Art Gilliland, director of product management at IMLogic, an instant-messaging security provider. "It downloads a Web server to give someone remote access, which is more malicious than the spyware or adware that gets downloaded onto systems from other IM worms."

More of these malicious IM worms may be in the works, as virus writers go from testing the technology to putting it into full-scale use, Gilliland added.

Although Hagbard carries a different bite than other worms, it has not spread as rapidly as other viruses, security experts said.

"We haven't seen a larger number of reports. But that may not be surprising, because most of our customers are enterprises," Cluley said, noting that Hagbard's prevalence is currently rated low. "If it does break out, it will likely be a problem with home users, because most companies prohibit file sharing."

By Dawn Kawamoto
ZDNet

More in Tux Machines

today's howtos

Mesa 17.3 RC5 and Early Stages of Linux 4.15

  • mesa 17.3.0-rc5
    The fifth release candidate for Mesa 17.3.0 is now available. This is the last planned release candidate before the final release. We still have a couple of regressions in our tracker [1] although I'm anticipating for those to be resolved by EOW.
  • Mesa 17.3-RC5 Released, Official Mesa 3D Update Expected By Next Week
    The Mesa 17.3 release game is in overtime but it should be wrapping up in the days ahead. Emil Velikov of Collabora announced the Mesa 17.3-RC5 release candidate this morning. He anticipates it being the last release candidate, but there still are a few blocker bugs open. As of writing there still are 4 bugs open with one pertaining to Gallium3D Softpipe and the others being Intel driver issues.
  • Extra KVM Changes For Linux 4.15 Bring UMIP Support, AMD SEV Changes Delayed
    As some additional work past the KVM changes for Linux 4.15 submitted last week, a few more feature items have been queued. The second batch of Kernel-based Virtual Machine (KVM) updates sent in today for Linux 4.15 include ARM GICv4 support, x86 bug fixes, the AMD VFIO NFT performance fix, and x86 guest UMIP support. Landing already with Linux 4.15 is Intel UMIP capabilities for User-Mode Instruction Prevention to prevent certain instructions from being executed if the ring level is greater than zero. This latest KVM pull update adds this UMIP support to its space for both real and emulated guests.
  • AMD EPYC Is Running Well On Linux 4.15
    Of the many changes coming for Linux 4.15, as detailed this weekend Radeon GPU and AMD CPU customers have a lot to be thankful for with this new kernel update currently in development. Here are some initial benchmarks of the Linux 4.15 development kernel using an AMD EPYC 7601 32-core / 64-thread setup. When it comes to EPYC in Linux 4.15, the kernel side-bits have landed for Secure Encrypted Virtualization (SEV), CPU temperature monitoring support now working, and improved NUMA node balancing.

Videos: Akademy 2017 Talk, Upgrading Linux Mint, This Week in Linux

  • Akademy 2017 talk
    The talk by Jean-Baptiste Mardelle’s at Akademy 2017 is released along with many other interesting talks. Akademy is the annual world summit of KDE, one of the largest Free Software communities in the world. It is a free, non-commercial event organized by the KDE Community.
  • How To In-place Upgrade Linux Mint
    This video shows how to upgrade Linux Mint from 17.3 to 18.3 while keeping all of your personal data intact. Please be sure to give EzeeLinux a ‘Like’ on Facebook! Thanks! Also check out http://www.ezeelinux.com for more about Linux.
  • Linux Kernel 4.14, Firefox Quantum, Fedora 27, Munich? Meh | This Week in Linux 14
    On this episode of This Week in Linux. The first 6 Year LTS Linux Kernel was released this week. Huge Update from Mozilla with Firefox Quantum. New distro releases from Fedora and Slax.

LibreELEC (Krypton) v8.2.1 MR

LibreELEC 8.2.1 is a maintenance release that includes Kodi 17.6. It also resolves a minor time-zone issue after recent daylight saving changes, a resume from suspend issue with the Apple IR driver, and it provides two new SMB client configuration options in Kodi settings. You can now set a minimum SMB protocol version to prevent prevent SMB1 from ever being used, and a ‘legacy security’ option forces weak authentication to resolve issues seen with the USB sharing functions on some older router/NAS devices. If updating to LibreELEC 8.2 for the first time PLEASE READ THE RELEASE NOTES below here before posting issues in the forums as there are disruptive changes to Lirc, Samba, and Tvheadend. Read more