There have been many media reports (The Register, BBC News Online, TechRadar, ZDNet, Eweek, etc..) in the last 24 hours or so following a blog post from our friends at McAfee, describing a Trojan horse that is said to have infested P2P networks.
The Trojan horse (which is detected as Troj/Wimad-E by Sophos, but called Downloader-UA.h in many of the news stories) is reported to have struck the PCs of home users who have downloaded specially-crafted MPG movie and MP3 music files from peer-to-peer file-sharing networks.
This isn’t a new technique for malware authors. For years they have used a cornucopia of alluring filenames on a variety of P2P networks to try and seed their malware. This latest attempt Windows uses Digital Rights Management (DRM) to trigger a visit to a malicious webpage that will, in turn, attempt to download adware-related files to the downloader’s computer…
Read more in my article on the Naked Security website.