There
are no known viruses to infect MP3 audio files. There
are several hoaxes along these lines here is one of them.
Virus Update: IWA Discovers Mpeg Audio Virus
SANTA CLARA, Calif.,
Virus security researchers at Internet Western Associates (Nasdaq:
IWAS - news) today announced the discovery of the first successful
multi-application media-file virus capable of infecting most media
player software. Affected are Layer 3 audio compatible players,
commonly called Mp3 players. The virus, called Bloat, has been
discovered to imbed itself into the executable portion of every player
in every condition tested so far, including Winamp, NAD, Jet Audio,
and Unreal Player Max; running under Windows 3.x, 9x, and NT operating
systems. Macintosh and Unix systems do not appear to be affected.
'Bloat' spreads in a manner similar to the recent Word-Macro virus
family. Virus code is conveyed and spread within *.mp3 audio files
upon being opened by player software. The program inserts a single
string of virus code immediately following the title/artist tag of an
Mp3 file. Bloat only targets files having an MP3 or EXE extension.
Similar audio formats such as VQF (Twin-VQ), WAV, Mp4 (under
development), RA (Real Audio), and AAC (Advanced Audio Coding) cannot
carry the virus.
The new Layer-3 'Bloat' virus is the first working virus of its type
found in the wild. Bloat does not cause data loss. As the name
sugguests, its effect is the opposite; the virus causes extra nonsense
data to be written to the hard disk during most writes. Files written
to the hard disk will occupy as much as five times the amount of space
they appear to be using, and should be using. As a result, free hard
disk space grows smaller and smaller. Once the virus has spread to
other programs in the system, affected users will experience
difficulty opening, reading or modifying documents in most of their
applications, as well as an increased overall sluggishness in system
performance. Considerable storage space is also lost.
Bloat uses the Mp3 audio files as carriers between players. Once the
virus is read by a player, it is loaded into system memory, where it
spreads back down into system applications. This successful travelling
method was first documented by researchers at the Internet Western
Associates AVERT (Anti-Virus Emergency Response Team) center in
Braintree, MA.
Detailed information on Bloat Layer 3 and detection/cleanup software
will be available shortly. With headquarters in Tacoma, Washington.,
Internet Western Associates, Inc. is dedicated to providing leading
enterprise network security and management solutions. McAfee Labs, the
anti-virus research affiliate of IWA, currently employs more than 85
virus researchers and maintains labs on five continents worldwide. In
addition to studying new and existing security threats, McAfee Labs
serves as a global resource for virus information and provides rapid,
follow-the-sun support for virus emergencies worldwide.
SOURCE: Internet Western Associates, Inc.
1998 BetaNews.Com. All Rights Reserved
Please do not distribute this hoax message.
*********************************
List
of known hoaxes:
A B C D E F G H I J K L M N O P Q R S T U V X Y Z
Welcome to my hoax section
if you encounter a message about a virus please send
to [email protected] or call me on ICQ#22015420
I
do not spread hoaxes! these pages are simply to inform
other users that they are hoaxes. Please to not spread
hoaxes. Hoax warnings are typically scare alerts started
by malicious people - and passed on by innocent users
who think they are helping the community by spreading
the warning.
Do
not forward hoax messages. There have been cases where
e-mail systems have collapsed after dozens of users
forwarded a false alert to everybody in the company.
Corporate users can get rid of the hoax problem by simply
setting a strict company guideline: End users must
not forward virus alarms. Ever. If such message is received, end users could forward it to the IT department
but not to anyone else.
|
