Fast-spreading P2P worm targets USB drives

Jumps from PC to flash drives


A crafty new P2P worm appears to be spreading quickly among users of a range of popular file-sharing programs.

So far the countries affected by the worm variant BitDefender calls Palevo.DP (Romania, Mongolia or Indonesia) suggest that the worm is being driven by factors specific to those countries. However, the file-sharing and IM services affected, said to include LimeWire, Ares, BearShare, iMesh, Shareaza, Kazaa, DC++, and eMule, are widely used around the world by a mainly young audience, so the warning for users outside these countries is clear.

The worm lures victims using a link embedded in a spam IM message, which leads to what appears to be an image file but is actually the malicious payload. From that point on, the malware burrows into the host by installing a number of files that compromise the Windows XP firewall.

By this point the criminals have control over the system and can open backdoors to install further malware or capture passwords entered using Internet Explorer or Mozilla Firefox.

Two elements make Palevo.DP interesting. First, it copies itself from the infected PC to network shares as well as to USB sticks and other external drives. Any unprotected system with the Windows autorun feature turned on, which is almost every PC, will find itself infected as those drives are moved from PC to PC.

The second feature is its targeting of P2P services by adding code to shared program files. The combination of removable media and P2P gives the worm a two-pronged attack-and-spread strategy: it can target home systems, which are then used to launch attacks on better-defended business PCs from inside the network perimeter.

“This Palevo offensive is highly aggressive and during the very beginning of the outbreak we have witnessed rates of infection which easily exceeded 500 percent per hour,” said BitDefender senior researcher, Catalin Cosoi.
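The removable-drive and network-share spread described above depends on Windows AutoRun being enabled for those drive types. As an added example (not from the article or from BitDefender), the Python below decodes a NoDriveTypeAutoRun policy value to show which drive types still auto-run, and lists the launch directives in a drive's autorun.inf. The policy value, file contents and function names are constructed for illustration; the article does not describe the specific files Palevo.DP writes.

```python
import os
import tempfile

# NoDriveTypeAutoRun bit flags: a set bit disables AutoRun for that drive type.
DRIVE_TYPE_BITS = {"unknown": 0x01, "removable": 0x04, "fixed": 0x08,
                   "network": 0x10, "cdrom": 0x20, "ramdisk": 0x40}

def autorun_enabled_types(policy_value):
    """Drive types on which AutoRun is still enabled for this policy value."""
    return sorted(t for t, bit in DRIVE_TYPE_BITS.items() if not policy_value & bit)

def autorun_inf_commands(drive_root):
    """Return (key, command) pairs an autorun.inf in drive_root asks Windows to run."""
    found = []
    for name in os.listdir(drive_root):
        if name.lower() != "autorun.inf":      # Windows file names are case-insensitive
            continue
        section = ""
        with open(os.path.join(drive_root, name), encoding="latin-1") as fh:
            for raw in fh:
                line = raw.strip()
                if line.startswith("[") and line.endswith("]"):
                    section = line[1:-1].strip().lower()
                elif section == "autorun" and "=" in line and not line.startswith(";"):
                    key, value = (part.strip() for part in line.split("=", 1))
                    key = key.lower()
                    if key in ("open", "shellexecute") or (
                            key.startswith("shell\\") and key.endswith("\\command")):
                        found.append((key, value))
    return found

# Constructed sample: junk lines around the directives, which a tolerant parser must skip.
SAMPLE_INF = (";xk3\nqqqq\n[AutoRun]\n;zz\nOPEN = sample.exe\n"
              "icon=folder.ico\nshell\\open\\Command=sample.exe\n")

def demo():
    """Write the constructed sample to a temp directory and scan it."""
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "AUTORUN.INF"), "w", encoding="latin-1") as fh:
            fh.write(SAMPLE_INF)
        return autorun_inf_commands(root)

if __name__ == "__main__":
    print("AutoRun still enabled for:", autorun_enabled_types(0x91))  # constructed value
    print("Launch directives found:", demo())
```

A policy value of 0xFF disables AutoRun for every drive type listed, which closes both the USB and network-share paths the article describes.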


