April 22, 2005 3:00 PM PDT

Virus pits itself against music pirates

By Dan Ilett
Special to CNET News.com

Related Stories

In the security hot seat

 April 22, 2005

U.K. court lifts veil on 33 more file sharers

 April 20, 2005

Prison terms on tap for 'prerelease' pirates

 April 19, 2005

Sober worm makes a comeback

 April 19, 2005

'Brad Pitt' virus targets Microsoft

 March 31, 2005

Top court to hear landmark P2P case Tuesday

 March 28, 2005
A hacker has created a virus that targets music lovers by deleting MP3 files on infected computers, according to antivirus company Sophos.

The worm, dubbed Nopir.B, spreads over peer-to-peer networks and appears to have originated in France, security researchers at Sophos said Friday.

Nopir.B is designed to look like a DVD-cracking program, to fool people looking for a program that will circumvent copy-restriction technology on the discs. When the worm is downloaded and run, it attempts to delete all MP3 music files and wipe some programs from the infected PC, the company said in its advisory.

Sophos said it believes the author of the virus may be looking to stamp out music piracy.

"The Nopir.B worm targets people it believes may be involved in piracy, but fails to discriminate between the true criminals and those who may have legally obtained MP3 files," Graham Cluley, senior technology consultant for Sophos, said in a statement. "Whichever side of the fence you come down on in regards to Internet piracy, there's no debate about the criminal nature of this worm--it's designed to inflict malicious damage on people's Windows computers."

Sophos has received few reports of the virus, but recommended that people update their security software. The malicious software affects PCs running Microsoft Windows.

Dan Ilett of ZDNet UK reported from London.

See more CNET content tagged:
Sophos Plc., worm, virus, security, Microsoft Windows

Add a Comment (Log in or register) 32 comments (Showing first 20 comments)
I wonder who wrote it?
by April 22, 2005 3:31 PM PDT
Regular virus-writers don't seem to exactly have this kind of motivation.

The RIAA or a similar organization would never be this stupid. I think.

So, that leaves... a disgruntled musician who thinks piracy is killing him?
Reply to this comment View all 5 replies
Another reason to avoid MS
by April 23, 2005 4:49 AM PDT
... switch to Mac.

Ever heard of a Mac (running on OS X) that has problems with virus,
spyware or adware? Didn't think so...
Reply to this comment View all 4 replies
sophos wrong
by April 23, 2005 7:45 AM PDT
quote from the article:

Graham Cluley, the senior technology consultant for Sophos, is wrong in his statements. I don't care if it does attack legal mp3s with the illegal ones. You shouldn't be downloading cracks for computer programs through p2p anyways and you get what you deserve if you do. I use a lot of free open source software and when there isn't a good open source alternative I am willing to pay an honest fee to use software. Leave this virus alone.
Reply to this comment
Suleova, meet point. You missed it the first time.
by TimeBomb April 23, 2005 7:15 PM PDT
There are valid reasons to skirt DVD copy protections, such as the simple need to backup a DVD you legitimately paid for.

But even if you toss that argument aside, what they gave in the article was just an example of how this malware could propagate. Anyone could easily change this malware to appear like some *other* application--say, HighHorse_PointMisser_2005.exe, which it seems you yourself would benefit from running. And it could also be distributed by means other than P2P (Usenet, email, IM, the web--anything.)

The bizarre position you've put yourself in is one in which you stand up for the digital rights of some (i.e. shareware and DVD authors), but not of others (i.e. those who mistakenly run this malware). To my cultivated mind, you can't have it both ways and still have both legs to stand on.
Reply to this comment View reply
Oy Vey
by April 23, 2005 10:31 PM PDT
This is not good. I have nearly 30GB worth of mp3 files on my system as I converted my CD collection. Let's also not forget the fact that some software titles use mp3 as the format for any audio files that the application uses. To convert my collection took a long time and I don't want to have to go through it again. This is an outright malicious attack and I for one would not be a bit surprised if there is some shady corporate sponsorship of the virus (RIAA, MPAA, and BSA).
Reply to this comment View reply
NO EXCUSES!!
by alawana April 24, 2005 11:04 AM PDT
This is an illlegal maneuver and it is uploading malicious software to many servers. This person or group responsible is no better than people or groups responsible for the Lovebug, Slammer, Blaster, or Sobig. This conduct whoever is responsible should be punished.

Advice , don't download any executable files or code cracking technology on your computer. Also before opening your files run your up to date antivirus software and have a strong firewall.
Next you may want to do a backup and demarcate a system restore function.

I'm sorry but two wrongs don't make a right.
Reply to this comment
virus is bad but...
by April 24, 2005 12:17 PM PDT
look, two wrongs dont make a right but i am sick of hearing the crying of people who do illegal things on the net and then get stung by their actions. having a copy of your dvd that you own is legal but cracking the dvd protection is not. until more ppl like myself get out there and push our legislatures to change the laws the simple fact is. copying protected dvds is currently illegal.

as for this virus spreading and being changed and used by other means such as email and im, people need to realize what is safe and what isnt while on the net. take some personal responsibility while surfing, chatting, and whatever. my anti-virus and anti-spyware barely get workouts because my system is constantly clean.

as for the virus writers: shame on you for adding another resource hog to the internet. the last thing we needed was a wasteful program taking up bandwidth.
Reply to this comment
RIAA has to do with it...that's for sure
by BraveErudite April 24, 2005 3:33 PM PDT
I have no reason to doubt the RIAA was responsable for this (In a conspiracy sort of way) Why would someone write such a code...? and they say it came from France most likely ...that I do beleive for some reason.
Reply to this comment
RAA paid some one to write it
by BraveErudite April 24, 2005 3:38 PM PDT
You better beleive the RIAA did it....WHo else would want to write somethink like that... Maybe some 14 year old from Shalalabadadukiestan?
Reply to this comment View all 2 replies
 See all 32 Comments >>
Powered by Jive Software
advertisement

Latest tech news headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

advertisement

Inside CNET News

Scroll Left Scroll Right

  • News - Business Tech

    Samsung contemplating SanDisk acquisition

    South Korean consumer electronics giant is considering a buyout of the chipmaker to reduce its NAND flash memory costs, according to PaidContent.

  • Gallery

    Photos: Ron Paul's RNC alternative

    As the Republican convention took place just miles away, a crowd rallied for the former presidential candidate and his message of limited government, ensured civil liberties, lower taxes, and peace.

  • The Open Road

    Analysts as a lagging indicator of success

    Gartner, Forrester, and other analyst firms tend to be great predictors of the past, probably because that's where they get their money.

  • Beyond Binary

    Microsoft adding to its Labs collection

    Startup Labs will be an effort under Ray Ozzie, joining others including Live Labs, adCenter Labs, and Office Labs.

  • Video

    YouTube plays party politics

    During the presidential campaigning four years ago, YouTube didn't even exist. Now it's a tool candidates must master to get their message across. CNET's Kara Tsuboi stops by the YouTube upload booths at the Democratic and Republican conventions to find out why Google's video site has such a big presence in Denver and St. Paul, Minn.

  • News - Digital Media

    Week in review: Google's Chrome shines

    Web giant makes long-awaited foray into browser market, while the mobile market warms up. Also: Tech goes to Republican National Convention.

  • Video

    Political party playlists

    We know the Democrats and Republicans are split over policy issues, but does their musical taste fall down party lines too? And what kind of gadgets did they bring to the conventions to listen to their music? CNET reporter Kara Tsuboi finds out.

  • News - Gaming and Culture

    Are Demo and TechCrunch50 fragmenting their audiences?

    With both events scheduled to start Monday, many press, as well as venture capitalists and others are having to choose which one to attend.

  • News - Cutting Edge

    Execs predict next Google-like tech

    On eve of company's 10-year anniversary, researchers and business pundits speculate about what technologies might someday have as much impact as Google.

  • Gallery

    Photos: The brains behind Google Chrome

    Here's a look at some of the engineers and executives who took the stage at the company's headquarters as they unveiled the new browser.

  • Webware

    Hands-on with the new Joost: Software still required

    The new Joost is no longer a piece of software, but you'll still need a special site-specific plug-in to run it.

  • Green Tech

    Duke Energy to invest in mini solar power plants

    Can hundreds of rooftop solar panels collectively operate like a central power plant? Duke Energy launches $100 million distributed solar program to find out.

News
Latest news
Business tech
Green tech
Wireless
Security
Media
Popular topics
Apple iPhone
Apple iPod
Dell
PlayStation 3
Wii
Windows Vista
CNET sites
CNET TV
Downloads
Forums
News
Reviews
Site map
More information
Newsletters
Corrections
Customer Help Center
RSS
What's new
About CNET