Some downloaders hoping to snare free Star Wars games are unwittingly
finding themselves installing the worm, P2Load.A, that spreads on P2P
networks using the file-sharing programs Shareaza and Imesh, according to
The worm copies itself to the shared directory of these programs as an
executable file, according to the software security outfit. Once installed
the software changes the computer’s browser so that users attempting to
reach Google’s search engine are directed to a spoofed Google page hosted on
a server in Germany.
Once there, search results returned include sponsored links created by the
author of this malware, generating increased traffic to these Web sites,
according to PandaLabs.
The worm could spoof other popular Web sites by simply changing
the content of the downloaded file, because it modifies the HOSTS file by replacing it with a file downloaded from a remote Web site, instead of being included in the worm’s code, the security software firm said.
The worm can also use other phishing techniques against other Web sites.
According to a report released by Symantec’s Internet Security team today,
these attacks are increasingly performed for
Whereas during earlier stages of the Internet, security sabotage was
often performed for thrills, or a certain notoriety achieved with the attack,
now those seeking monetary rewards are flooding the Internet
with malicious software code.
The report said during the first half of 2005, the amount of malicious code
exposing confidential information was 74 percent of the top 50
malicious code samples reported to Symantec, up from 54 percent in the
previous six months.