The
Duload worm (W32/Duload-A), which has
the potential to infect PCs connected to the KaZaA file sharing
network, may be a damp squib when it comes to infecting users, but
it certainly provides an interesting insight into the topics that
may occupy many virus writers' minds, according to Sophos.
The Duload worm randomly creates disguises for itself using a
pool of 39 filenames. These filenames - which reflect a
preoccupation with sex, celebrity, computer games and hacking -
include 'J. Lo Bikini Screensaver.exe', 'Kama Sutra Tetris.exe',
'Free Mpegs.exe' and 'The Sims Game crack.exe', as well as some
pornographic references.
"Duload provides a snapshot of many virus writers' minds. Often
obsessed with sex and computer games, virus writers are much more
likely to be teenage males than crack cyberterrorists bent on the
annihilation of the internet," said Graham Cluley, senior
technology consultant at Sophos. "Let's all hope that when the new
school term begins, these youths will find their time is taken up
with homework, giving them less opportunity to write computer
viruses."
Although Sophos has not received reports of the Duload worm from
the wild, Sophos reminds all computer users to keep their
anti-virus protection up-to-date and practise safe computing.
"Perhaps the most pitiful aspect of the Duload worm is that the
virus author managed to type one of the filenames incorrectly -
'Alicia Silverstone Payboy Nude.exe'", continued Cluley. "You would
have thought the name of a top shelf magazine would have been one
detail he would have got right."
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.