|
The W32/RJump.worm, which was discovered 20 June 2006, recently created a stir when it reappeared on video iPod devices released by Apple late September. W32/RJump.worm uses the Python scripting language and is converted into a Windows portable executable file. It attempts to spread by copying itself to mapped and removable storage drives, and also opens a backdoor on an infected system. iPods themselves are not affected but infect Windows-based machines when connected to download or transfer files.
The W32/QQPass.worm, which was first discovered 5 February 2003 on MP3 players released in Japan, has again surfaced this week on MP3 devices released in August. W32/QQPass.worm is a generic worm that steals password information from QQ, a popular Instant Messaging application in China. Both worms may spread through spam, instant messaging, removable media and other means.
Protection for both threats has been available in McAfee products since 25 September 2006 and 15 August 2006, respectively, but McAfee's Avert Labs has made the tool available at https://vil.nai.com/vil/stinger/default.aspx for users who may not already have adequate anti-virus protection.
“While the QQPass.worm and the RJump.worm have both been around for a while, they are still making their way into the hands of consumers through MP3 players and video iPod devices that were initially infected with the virus,” said Joe Telafici, director of operations, McAfee Avert Labs. “Today’s multi-function devices, like MP3 players, cell phones and digital cameras, with their much larger storage systems, and consumers’ tendency to plug them into multiple computers, can be a vector for slow-spreading threats like QQPass and RJump. With McAfee Stinger, users can scan for and remove these threats—safely eliminating them from their systems and devices.”
