Search Slyck  
Nearly Half of Kazaa Executables Contain Malware? - Update
January 7, 2004
Thomas Mennecke
Font Bigger Font Smaller
There are always risks associated with downloading files off any P2P network. Whether it is eDonkey2000, Manolito P2P or FastTrack, taking the necessary action against potential viruses can go a long way in preventing damage to ones’ computer. Simple steps include keeping antivirus software current and not downloading files with suspicious extensions. It remains surprising the amount of people who still download VBS or EXE files

The proliferation of viruses is where TruSecure comes into play.

TruSecure describes itself as “the leading provider of intelligent risk management products and services. TruSecure dramatically improves security and reduces risk by helping organizations make better security decisions and maximizing the effectiveness of their existing security people, processes, and products.”

On December 29, 2003, TruSecure released a report titled “WildTrends 2003: A look at virus trends in 2003 and a few predictions in 2004.”

The research focuses on a virus directory called the “WildList.” The \"WildList\" is run by the WildList Organization, which tracks and categorizes viruses that pose the greatest threat to the end user. Anyone can report virus infections to this organization, which then tallies the report, contingent on its verification.

One of the more prominent aspects was the finding that viruses propagating “in the wild\" increased by 24% from January to October 2003. The greatest increase was associated with Win 32 viruses, which TruSecure states grew by a stunning 55%.

Here’s where things get juicy. TruSecure also looked into how these viruses propagate, for example, “Mailers”, “BackDoor”, “Self Updating” and of course P2P. TruSecure focused specifically on Kazaa, the most popular file-sharing application in the United States. Here’s what they had to say:

“A significant surge in malware intentionally being posted and unknowingly being shared on P2P file sharing networks. For example, according to new research conducted by Hughes (author of the TruSecure report), 45% of the free files collected via KaZaA, the most popular program for downloading free files and music, were viruses, Trojan horse programs and backdoors. “Organizations need to warn their employees about file-sharing applications and the danger they pose to them at work and at home,” advises Hughes.”

Consider 45% for a second. That is nearly half of all files downloaded. We found this discovery to be very curious, considering in all our years examining FastTrack, we have never received or heard any complaint that stated that almost half of all downloads were viruses, Trojan horse programs or backdoors.

While we certainly know about false files and a moderate quantity of viruses on FastTrack, 45% seems excessive. We asked Phil Morle, CTO of Sharman, to comment on these finding.

“The number speculated by TruSecure seems absurdly high. Kazaa comes pre-configured with anti-virus software that automatically deletes files which are infected with any kind of malware. Kazaa users who accept the default configuration are not only better protected than users of other p2p applications, but are also contributing towards a cleaner, safer pool of shared files.”

The RIAA and MPAA have been quick to use such data against P2P networks, stating that “legitimate” alternatives do not suffer from such problems. However, verified links, anti-virus software and common sense far outweigh the risks posed by P2P networks.


Bruce Huges of TruSecure gives some background into his investigation:

\"The full report will be finished soon and will include many more details. part of research I am doing on P2P worms discovered by doing keyword searches, a large majority of the (executable) files that come up in the search results are viruses or trojans. These files are there because the virus either infects files in that directory, is programmed to drop itself in that directory, or is placed their in a malicious way so that others will
download it.

I am to date still downloading (executable) files using my keywords and the results remain the same. This is over a time period of three months now. AV vendors and corporate reporters are reporting that P2P worms identified as being \"In the Wild\" are up 133% of course this based on public information that can be found on the WildList website. Remember that this is based on keywords but I have used some of the most common keywords used for internet searches. An example would be \"Britney Spears\".\"

This story is filed in these Slyck News categories
FastTrack :: Kazaa
Technology News :: Spyware/Adware

You can read the report here.

You can discuss this article here

© 2001-2019