Security news29 July 2005
Online video game pirates targeted by Hagbard instant messaging worm, Sophos reports
 |
| The Hagbard worm can pose as downloadable pirated console games on file-sharing networks. |
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have discovered a worm that spreads via instant messaging chat systems and poses as pirated video games on file-sharing networks.
The W32/Hagbard-A worm can pose on file-sharing networks as one of over 400 different downloadable programs, including disk images of popular PS2 and XBOX console games such as "Grand Theft Auto: San Andreas" and "Need For Speed Underground 2".
Once the worm has infected a computer, it can send instant messages to other users of Windows Messenger, containing a link and the following text:
-
please download this...its only small brb
The link points to a copy of the worm stored on the infected computer.
"Because this worm can arrive in the form of an instant message, some users may be fooled into thinking it has come from a friend or colleague rather than a virus on their PC," said Graham Cluley, senior technology consultant for Sophos. "The reference to 'brb' is shorthand for 'be right back'. What the recipient doesn't realise is that once infected remote hackers can gain unauthorized access to the data on their computers."
Sophos reports that often virus writers have used popular cultural icons such as film stars, video games and musicians to entice people into running their malicious code. Last year Sophos reported how the prevalent Netsky-P worm could pose as a Harry Potter computer game.
"The video game business is huge, and they are fighting internet pirates just like the music and movie industries. People who are in the habit of downloading illegal copies of games from the net are not only damaging the video games industry, they are also potentially putting their own computer at risk of infection," continued Cluley. "The best advice is not only keep your anti-virus and firewall defenses up-to-date, but also to never download pirated software from the net."
Sophos recommends companies put in place a consolidated solution to defend against viruses, spyware and spam, and ensure that it automatically updated as new threats emerge.
