There’s a new worm out which might erase all MP3 files it can find on a system. Symantec has named it W32.Deletemusic and The Register has the story on it.
Other than it being yet another case of an anti-virus company advertising their solutions using a virus which most people won’t ever hear again after the press release, there’s some bad/incomplete advice from Symantec in The Register’s article:
“We would recommend all users with MP3 files on their PCs to remain cautious about the removable media devices they are using in their machines.”
Orla Cox, Security Operations Manager, Symantec Security Response.
Most people have one MP3 or two in their hard drive, so if this sentence was rewritten to eliminate the “with MP3 files” bit it would still mean the same thing. However, corporate machines might not have any MP3 files. Or the user might not care. And instead of an “evil” file-deleting virus (which everyone can notice once important files go missing), it might be a data-theft trojan.
Convincing users to put even unknown media in corporate machines is not hard, but Symantec makes it seem as if a MP3-deleting virus was all the risk a user is taking when carelessly using writable removable media devices. That’s just not true.
As for file-erasing malicious code, those aren’t really a big deal. DVD-Rs are cheap and provide decent storage capacity, so anyone can backup most of their files with ease. Plus, any virus or malicious code which does too much damage soon after it infects a system can be quickly noticed and as such taken care of, meaning it can’t get too far (and this is the reason why old viruses had activation dates - so they could spread before being noticed).