Netsky-P exploits Harry Potter hype

Bill Brenner, News Writer

Beware, Harry Potter fans. The next time you open a file advertised as a new game featuring the young wizard, you could be inviting the Netsky-P worm to cast an evil spell on your PC.

Virus experts at Sophos warn that while the Netsky-P fix

    Requires Free Membership to View

has been available since March, so many computers have been infected that the worm enjoys continued success by posing as e-mail messages and links billed as new games, videos and other entertainment. With the theatrical release of "Harry Potter and the Prisoner of Azkaban," the worm is targeting Potter fans eager to play the latest games.

"Echoing a technique used in 2000 by the Pikachu worm, Netsky-P targets young computer users by sometimes posing as content connected with the Harry Potter books and movie franchise," said Graham Cluley, senior technology consultant for the Abingdon, U.K.-based antivirus software maker. Parents need to educate their children on the threats of worms and viruses to ensure Potter's popularity doesn't leave their computers open to attack, he added.

In this case, Netsky-P disguises itself as a Harry Potter computer game when spreading on file-sharing systems. The worm spreads via e-mail and Internet file-sharing systems and was the second most commonly reported virus to Sophos last month after the infamous Sasser worm. Unlike Sasser, which infects computers without any user interaction, the Netsky-P worm has to tempt PC users into launching an infected file. Netsky-P has been bombarding e-mail gateways with thousands of instances of itself in the last few days, Cluley said.

In the past, Netsky-P has also disguised itself as Britney Spears/Eminem photos and videos, Cluley said. Another popular disguise: Saddam Hussein.

Cluley said those who have updated protection should be safe, but that "so many computers have already been infected it'll take a long time to clean them up. Be careful about what you open, and if you haven't patched already, you should do so."

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: