Moscow-based software developer Kaspersky Labs announced its
detection of the malicious program this week. KaZaA’s peer-to-peer
software is the most popular in the world, having been downloaded
more than 81 million times, according to the figures of
kazaa.com.
On an infected computer, the worm creates a directory accessible
to other users of the KaZaA network and regularly copies itself
into this directory under several thousand different names, each
being the title of a popular song or movie.
When a KaZaA user conducts a search for a file under a name
corresponding with one the worm's pseudonyms, the unsuspecting user
is given the chance to download it from the infected computer, thus
spreading the worm.
In addition to eating up free disk space and slowing down an
infected computer’s operation, Benjamin opens an anonymous web site
under the name of the infected computer's owner and uses it to
display advertising banners, thus making money for Benjamin's
creator.
Denis Zenkin, Kaspersky Labs’ Head of Corporate Communications,
said:
"Benjamin is not the first known worm to
exploit public access P2P file exchange networks. Previously, the
Gnutella file exchange network fell victim to virus creators. This
event once again demonstrates the necessity to filter all incoming
files for viruses, regardless of how well protected this or any
other network is. Before use, all data should be run through a
mandatory check for virus code using the latest virus database
update."
