Vigilante Trojan wipes out P2P directories

I just posted the article Vigilante Trojan wipes out P2P directories.

 Here we have an interesting Trojan discovered recently by Sophos,  that is spread over chat programs and P2P. In addition to shutting down your  anti-virus, it searches typical directories...
Read the full article here:  [](

Feel free to add your comments below. 

Please note that the reactions from the complete site will be synched below.

I wonder what are the chances that it was actually written by RIAA/MPAA? :d Doesn’t sound too far-fetched to be true.

Someone had to pay for it and " in deleting such files, is actually “protecting” the end user." does sound like their thinking.
[edited by LastStand on 16.05.2006 20:11]

I’m willing to bet the RIAA?MPAA hired someone to write and release this virus. I SOOOOOOO hope if this is the case, they get caught and it’s traced back the RIAA and they get slammed with lawsuits and thrown in jail.

sony/bmg did NOT write the rootkit as they would not be able to take the responsibility, so sony/bmg used a small company to do their dirty job i suspect same thing for this one; however, it could be written by those who think their jobs or businesses were lost because of piracy & think that p2p = piracy anyway, i wonder those anti-virus software companies will consider this as a “malware”

Hi, I fell victim to this about 2 weeks ago via a P2P download.It deleted every mp3, avi, mpg,mpeg files off my harddrive. Fortunately I had most (not all) backed up, but estimate I lost about 10% of my files to this malicious attack. Morale…BACK UP your files ALWAYS quoll

@quoll Under what file name was it disguised as? And which p2p program? Emule has always been dodgy for things like this so i’m suspecting it’s that.

yep…disguised as crack.exe from eMule…yeah, alas I should’ve known better.

I haven’t particularly looked in to this to this trojan but it sounds to me like the comments to this trojan are missing a point. Not only will it delete your legal downloaded files and MP3s etc, it sounds to me like it could easily delete your completely own creations such as your home videos, your photos etc. Of course you’d probably have to be pretty stupid or careless to get the trojan and even stupider to fail to keep a backup of your important files but the fact remains that this trojan could probably seriusly damage or destroy someones collection of home movies and photos and well as perhaps documents and the like (assuming it deletes all zip files) A particularly nasty trojan and there is no way anyone can say this is protecting the users…

And what happens if its reversed engineered and now it deletes system files? This is not malware, its a VIRUZ!

Could it not be easy for the trojan to delete files with name that_have_underscores_in them like most files that were ripped by groups? Also they could look for group names themselves. Plus I thought that ripping programs could tag info to the file. For example, the song would show that it was ripped by me on my own computer as a backup. not that it was ripped by someone else, and downloaded (pirated) I highly suspect riaa myself. But overall not very damaging as the files can be recovered.

I serious doubt they had anything to do with it. If they did and it ever leaked out (and it would sooner of later,everything always does) they would be in deep bird dookey. Tampering with pc’ is a big no no. Delete just one legit file and the game is over.

I read an article, that some creator of software, had is work cracked in the same day, that was suposed to sell it…:(:frowning: Pissed, he did reverse is own software, in order that, if someone put a wrong key, the software itself, would start to deletes files…:r jesus, dont want to now if i miss a key:S