• Home
  • Press
  • Press Releases
  • June
  • Thousands of new reports of Netsky-P worm: 'Potter-mania' tempting users into virus infection, says Sophos

Press Releases

Browse our press release archive

03 Jun 2004

Thousands of new reports of Netsky-P worm: 'Potter-mania' tempting users into virus infection, says Sophos

Harry Potter
The Netsky-P worm can disguise itself as content related to Harry Potter

Widespread worm poses as Harry Potter computer game in attempt to cast a spell on fans' PCs

Virus experts at Sophos are warning computer users that the Netsky-P worm is still posing a significant threat, despite being first protected against in March. The Netsky-P worm has been reported as bombarding email gateways with thousands of instances of itself in the last few days.

The worm owes some of its continued 'success' to its ability to disguise itself as a Harry Potter computer game when spreading on file-sharing systems. With the first screening of 'Harry Potter and the Prisoner of Azkaban' this week, Potter fans - eager to play the latest games - seem to be dropping their guard.

"Echoing a technique used in 2000 by the Pikachu worm, Netsky-P targets young computer users by sometimes posing as content connected with the Harry Potter books and movie franchise," said Graham Cluley, senior technology consultant at Sophos. "Parents need to educate their children against the threats of viruses, to ensure the popularity of Potter doesn't cast a nasty spell on their computer systems."

The Netsky-P worm spreads via email and internet file-sharing systems, and was the second most commonly reported virus to Sophos last month after the infamous Sasser internet worm. Unlike Sasser, which infects computers without any user interaction, the Netsky-P worm has to tempt PC users into launching an infected file.

"No-one should underestimate the Netsky-P worm. Since it was first spotted on March 22 it has cast a long shadow over the charts of most commonly encountered viruses, only being pushed off the top spot by the Sasser worm last month. It's not just email users who should be on their guard. Users of file-sharing systems who download content should equally be cautious that what they are downloading does not contain an unpleasant surprise," continued Cluley.

W32/Netsky-P is not the first virus to have used Harry Potter in an attempt to get innocent users to run its code. W32/Winur-C and W32/Banuris-B pretended to be cracks to computer games involving the young wizard, whilst W32/Forlorn-D could pose as a movie clip.

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.

© 1997 - 2013 Sophos Ltd. All rights reserved. Legal Privacy Cookie Information